Omnimaga

Calculator Community => Other Calculators => Topic started by: Zera on July 21, 2010, 11:24:20 pm

Title: Regarding NSpire cracking
Post by: Zera on July 21, 2010, 11:24:20 pm

Forgive me if I'm mistaken about the details here, as I don't understand the subject too well; but are people attempting to decrypt keys used by NSpire to circumvent some type of memory protection? If so, I wonder if a cold-boot attack (http://en.wikipedia.org/wiki/Cold_boot_attack) against the system is possible. (or something like it) That is, if the calculator is used in a manner where the system processes this key and stores it in memory, (e.g., a signed application is executed, and provides the appropriate verification key to the system) then perhaps the key can be extracted from memory as it's loaded. This type of attack works against encrypted computer systems, where decryption keys are stored in RAM for some time after the system powers down. This information can be carefully extracted from RAM before it is erased.

Title: Re: Regarding NSpire cracking
Post by: BrandonW on July 21, 2010, 11:27:13 pm

They want the keys so that they can sign their own boot2 and OS updates, so that they can create their own operating systems instead of using TI's very locked-down ones. In order to do that, they need the RSA factors of the public keys used for validation of said boot2 and OS areas. The calculator only decrypts, never encrypts. Such an attack wouldn't help.

The only way to get by this is to factor the RSA public keys, which will take a very, very, very long time.

Title: Re: Regarding NSpire cracking
Post by: quasi_Phthalo on July 21, 2010, 11:28:38 pm

If i understand correctly, the OS (or it's checksum or something) has to be encrypted before transmission, then the calc decrypts it and makes sure it's valid. we know what numbers the calc uses to decrypt it, so we can decrypt it ourselves. What we don't know is how to ENcrypt it so that it comes out correct when the calc decrypts it.

Title: Re: Regarding NSpire cracking
Post by: Builderboy on July 22, 2010, 01:30:29 am

Yeah, the calculator actually doesn't have the private key we want to get, nor is it used in the validation of applications.  The only time the private key is used is with TI when they are signing their apps.

Title: Re: Regarding NSpire cracking
Post by: Silver Shadow on July 22, 2010, 02:14:12 am

Then let's hack TI's servers! ;D

Title: Re: Regarding NSpire cracking
Post by: DJ Omnimaga on July 22, 2010, 02:17:57 am

Let's not get into illegal activities, though.

Title: Re: Regarding NSpire cracking
Post by: Netham45 on July 22, 2010, 02:19:15 am

Quote from: DJ Omnimaga on July 22, 2010, 02:17:57 am

Let's not get into illegal activities, though.

Then we need to move to russia or china where it's legal!

Title: Re: Regarding NSpire cracking
Post by: bwang on July 22, 2010, 02:20:08 am

Quote from: Netham45 on July 22, 2010, 02:19:15 am

Quote from: DJ Omnimaga on July 22, 2010, 02:17:57 am

Let's not get into illegal activities, though.

Then we need to move to russia or china where it's legal!

It's not legal there, just ignored.

Title: Re: Regarding NSpire cracking
Post by: Silver Shadow on July 22, 2010, 02:21:41 am

[hint]Hehe, I'm going to Russia for the winter holidays...[/hint]

Title: Re: Regarding NSpire cracking
Post by: Zera on July 22, 2010, 03:33:25 am

Oh, I see. I was mistaken, then.

Well, so much for my idea. :P