Author Topic: I just had a crazy idea......  (Read 6675 times)

0 Members and 1 Guest are viewing this topic.

Offline willrandship

  • Omnimagus of the Multi-Base.
  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2953
  • Rating: +98/-13
  • Insert sugar to begin programming subroutine.
    • View Profile
I just had a crazy idea......
« on: September 27, 2010, 11:34:17 am »
The way I understand it.........

Nspire OS->Checksum file
Checksum->encryption
= Os x.x.tno

Tno->Calc
Calc Decrypts Checksum, makes checksum from OS bin.
If match, installs.

Is that about right?

Well, if so, what about this?

We write our own loader for our own OS/progs/whatever that matches the checksum of the boot2/OS bin, then that loads the rest of everything when run!

Thoughts/comments?

Offline calcdude84se

  • Needs Motivation
  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2272
  • Rating: +78/-13
  • Wondering where their free time went...
    • View Profile
Re: I just had a crazy idea......
« Reply #1 on: September 27, 2010, 04:30:47 pm »
It depends. Cryptographic hashes were designed to prevent these so-called "collision attacks."
MD5, however, is compromised. It depends on what hashing method TI is using.
It'll be awesome if it turns out to be this easy ;D
"People think computers will keep them from making mistakes. They're wrong. With computers you make mistakes faster."
-Adam Osborne
Spoiler For "PartesOS links":
I'll put it online when it does something.

Offline thepenguin77

  • z80 Assembly Master
  • LV10 31337 u53r (Next: 2000)
  • **********
  • Posts: 1594
  • Rating: +823/-5
  • The game in my avatar is bit.ly/p0zPWu
    • View Profile
Re: I just had a crazy idea......
« Reply #2 on: September 27, 2010, 04:46:38 pm »
I don't know how possible it is, but is this what you are saying?

Create our own loader in say 10kb. Then use like 50kb to try to fake the checksum? If that's possible, it would be really cool, maybe if we devoted a few computers to such a feat it would be possible.
zStart v1.3.013 9-20-2013 
All of my utilities
TI-Connect Help
You can build a statue out of either 1'x1' blocks or 12'x12' blocks. The 1'x1' blocks will take a lot longer, but the final product is worth it.
       -Runer112

Offline jnesselr

  • King Graphmastur
  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2270
  • Rating: +81/-20
  • TAO == epic
    • View Profile
Re: I just had a crazy idea......
« Reply #3 on: September 27, 2010, 06:04:06 pm »
MD5 is not completely down and out. Besides, I would presume that the nspire might use SHA-1.  Just a theory considering the 1024 bit key.

And Because of the way hashes work, It would be easier to factor the RSA keys then trying to find a match.

Offline willrandship

  • Omnimagus of the Multi-Base.
  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2953
  • Rating: +98/-13
  • Insert sugar to begin programming subroutine.
    • View Profile
Re: I just had a crazy idea......
« Reply #4 on: September 27, 2010, 07:45:32 pm »
Is there any way to know which method they used? It would really stink to develop a program to match the checksum of one type, only to have it be completely different from another, and be rejected.

Offline Happybobjr

  • James Oldiges
  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2325
  • Rating: +128/-20
  • Howdy :)
    • View Profile
Re: I just had a crazy idea......
« Reply #5 on: October 02, 2010, 11:38:39 am »
any news about this?
School: East Central High School
 
Axe: 1.0.0
TI-84 +SE  ||| OS: 2.53 MP (patched) ||| Version: "M"
TI-Nspire    |||  Lent out, and never returned
____________________________________________________________

Offline AngelFish

  • Is this my custom title?
  • Administrator
  • LV12 Extreme Poster (Next: 5000)
  • ************
  • Posts: 3242
  • Rating: +270/-27
  • I'm a Fishbot
    • View Profile
Re: I just had a crazy idea......
« Reply #6 on: March 01, 2012, 10:20:09 am »
MD5 is not completely down and out. Besides, I would presume that the nspire might use SHA-1.  Just a theory considering the 1024 bit key.

And Because of the way hashes work, It would be easier to factor the RSA keys then trying to find a match.

MD5 is down and out, as of 2006. SHA-1 isn't quite down and out, but it's struggling.

Insert obligatory "Holy Necropost Fishman" here :D
∂²Ψ    -(2m(V(x)-E)Ψ
---  = -------------
∂x²        ℏ²Ψ

Offline TIfanx1999

  • ಠ_ಠ ( ͡° ͜ʖ ͡°)
  • CoT Emeritus
  • LV13 Extreme Addict (Next: 9001)
  • *
  • Posts: 6173
  • Rating: +191/-9
    • View Profile
Re: I just had a crazy idea......
« Reply #7 on: March 01, 2012, 10:31:58 am »
That's one fishy necro! :O How did you happen to stumble onto this again anyways?

Offline AngelFish

  • Is this my custom title?
  • Administrator
  • LV12 Extreme Poster (Next: 5000)
  • ************
  • Posts: 3242
  • Rating: +270/-27
  • I'm a Fishbot
    • View Profile
Re: I just had a crazy idea......
« Reply #8 on: March 01, 2012, 04:03:56 pm »
I was going over some security stuff and I remembered how computationally expensive it was to sign large quantities of data with public key algorithms. It got me thinking about how the Nspire would have to sign an entire OS if it didn't use hash of sorts and...
∂²Ψ    -(2m(V(x)-E)Ψ
---  = -------------
∂x²        ℏ²Ψ

Offline Jim Bauwens

  • Lua! Nspire! Linux!
  • Editor
  • LV10 31337 u53r (Next: 2000)
  • **********
  • Posts: 1881
  • Rating: +206/-7
  • Linux!
    • View Profile
    • nothing...
Re: I just had a crazy idea......
« Reply #9 on: March 02, 2012, 05:16:18 am »
Very interesting :)
Got to research some more details.

Offline Jonius7

  • python! Lua!
  • LV10 31337 u53r (Next: 2000)
  • **********
  • Posts: 1918
  • Rating: +82/-18
  • Still bringing new dimensions to the TI-nspire...
    • View Profile
    • TI Stadium
Re: I just had a crazy idea......
« Reply #10 on: March 02, 2012, 05:22:35 am »
That would be tricky overall, but it would be possible considering we've got ndless already manipulating the OS a bit. So effectively, we would be able to write a different OS (GUI) or shell?
« Last Edit: March 02, 2012, 05:22:46 am by Jonius7 »
Programmed some CASIO Basic in the past
DJ Omnimaga Music Discographist ;)
DJ Omnimaga Discography
My Own Music!
My Released Projects (Updated 2015/05/08)
TI-nspire BASIC
TI-nspire Hold 'em
Health Bar
Scissors Paper Rock
TI-nspire Lua
Numstrat
TI-nspire Hold 'em Lua
Transport Chooser
Secret Project (at v0.08.2 - 2015/05/08)
Spoiler For Extra To-Be-Sorted Clutter:

Spoiler For Relegated Projects:
TI-nspire BASIC
Battle of 16s (stalled) | sTIck RPG (stalled) | Monopoly (stalled) | Cosmic Legions (stalled)
Axe Parser
Doodle God (stalled while I go and learn some Axe)

Offline Jim Bauwens

  • Lua! Nspire! Linux!
  • Editor
  • LV10 31337 u53r (Next: 2000)
  • **********
  • Posts: 1881
  • Rating: +206/-7
  • Linux!
    • View Profile
    • nothing...
Re: I just had a crazy idea......
« Reply #11 on: March 02, 2012, 05:28:58 am »
You can do that now already.
But the thing here is to have an alternative OS working without Ndless, and installed the the flash.
This would give also much more power to the user.

Offline Jonius7

  • python! Lua!
  • LV10 31337 u53r (Next: 2000)
  • **********
  • Posts: 1918
  • Rating: +82/-18
  • Still bringing new dimensions to the TI-nspire...
    • View Profile
    • TI Stadium
Re: I just had a crazy idea......
« Reply #12 on: March 02, 2012, 05:30:53 am »
Yeah I meant that, an OS independent of programs using the OS.
It would definitely give much more power to the user. But flexibility too.
« Last Edit: March 02, 2012, 05:31:07 am by Jonius7 »
Programmed some CASIO Basic in the past
DJ Omnimaga Music Discographist ;)
DJ Omnimaga Discography
My Own Music!
My Released Projects (Updated 2015/05/08)
TI-nspire BASIC
TI-nspire Hold 'em
Health Bar
Scissors Paper Rock
TI-nspire Lua
Numstrat
TI-nspire Hold 'em Lua
Transport Chooser
Secret Project (at v0.08.2 - 2015/05/08)
Spoiler For Extra To-Be-Sorted Clutter:

Spoiler For Relegated Projects:
TI-nspire BASIC
Battle of 16s (stalled) | sTIck RPG (stalled) | Monopoly (stalled) | Cosmic Legions (stalled)
Axe Parser
Doodle God (stalled while I go and learn some Axe)

Offline Lionel Debroux

  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2135
  • Rating: +290/-45
    • View Profile
    • TI-Chess Team
Re: I just had a crazy idea......
« Reply #13 on: March 02, 2012, 02:11:13 pm »
jimbauwens pointed me to this topic.

Quote
Is there any way to know which method they (TI) used?
The method was publicly documented on Hackspire months before this thread was started ;)
Namely, TI uses SHA256, which is much stronger than SHA-0 or SHA-1, and of course even more stronger than MD5 (used in TI-Z80 and TI-68k series).

Finding a useful cryptographic hash collision would be like winning 10-15 times at the lottery, instead of 20-30 (or 40-60) with TF on the public RSA keys... that's immensely better, but still completely hopeless. Neither method is a usable way to achieve our basic user right, our freedom to tinker with the hardware we own.
Member of the TI-Chess Team.
Co-maintainer of GCC4TI (GCC4TI online documentation), TILP and TIEmu.
Co-admin of TI-Planet.

Offline AngelFish

  • Is this my custom title?
  • Administrator
  • LV12 Extreme Poster (Next: 5000)
  • ************
  • Posts: 3242
  • Rating: +270/-27
  • I'm a Fishbot
    • View Profile
Re: I just had a crazy idea......
« Reply #14 on: March 02, 2012, 04:24:18 pm »
I have to give TI props, they knew what they were doing this time with the Nspire. Although, being able to generate collisions would in fact give us a method to reinstall the OS because if the hash was sufficiently weak, it would give us the freedom to pick certain parts of the data and then select other sections of data to form a collision (basically a variation of the chosen-prefix attack).

Thanks for pointing out the information. I couldn't find the info on Hackspire :)
∂²Ψ    -(2m(V(x)-E)Ψ
---  = -------------
∂x²        ℏ²Ψ