Research, development and trades concerning the powerful Proxmark3 device.
Remember; sharing is caring. Bring something back to the community.
"Learn the tools of the trade the hard way." +Fravia
Hello,
I plan to spend an embarrassingly large amount of time recovering the TDES key. (I am told this is more commonly called the HID transport key.)
I am starting this project with near zero knowledge of the relevant things I ought to have knowledge of. Well that's not quite true, but far less than I ought to at any rate.
I see some people have discussed reverse engineering the OMNIKEY firmware to get it, and I can see how that would be easier. I worry, however, that I would be depriving myself of a useful learning opportunity.
Am I being foolish? Should I just save the time, money, and (knowing my dexterity and mindfulness) second-degree burns by attacking the firmware?
Thanks in advance for any feedback.
/R
Last edited by Ryston (2019-10-23 18:23:25)
The TDES key? Which TDES key do you refer to?
He is probably referring to the legacy iClass master key, which is indeed used for TDES (Triple DES, 3DES) encryption in the key diversification.
And guessing what he refers to is the exact reason for my asking...
Oh, sorry for the confusion.
No, not the key used for authentication through key diversification. It looks like the contents of block |07| are encrypted and contain the facility code + external ID number, and possibly some other data.
I think I am referring to the keys used for this... Yeah, I just re-read the part of Heart of Darkness describing key extraction and I am now pretty sure those are indeed things.
https://www.openpcd.org/dl/HID-iCLASS-security.pdf
Page five, Figure 8 shows it as a 16-byte key... I guess perhaps "keys" would be a more appropriate description. Anyway, it is that which I seek to extract.
It seems logical to me that the OMNIKEY must have it in its firmware as well, which would be easier to get to... but then I would miss the learning experience. Not sure if that's a lesson I'd regret skipping.
Last edited by Ryston (2019-10-22 19:23:05)
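The 16-byte key and the encrypted block |07| discussed in the post above lend themselves to a small worked example. The Go program below is an added example, not code from this thread or from the Proxmark3 project. It assumes that the 16-byte key is used as two-key 3DES (K1||K2, applied as K1||K2||K1) in ECB mode on the single 8-byte block, that the key and block bytes shown are constructed placeholders rather than the real HID key, and that all function names are mine. It shows how the 16-byte key has to be widened for Go's crypto/des, that one iClass block is a single ECB operation with no IV or padding, and that DES ignores the low (parity) bit of every key byte, which matters when a recovered key is compared against a reference value.

```go
package main

import (
	"bytes"
	"crypto/cipher"
	"crypto/des"
	"encoding/hex"
	"fmt"
)

// expandTwoKey3DES turns the 16-byte two-key 3DES key (K1||K2) into the
// 24-byte K1||K2||K1 layout Go's crypto/des expects. With K3 = K1 the EDE
// construction E_K1(D_K2(E_K1(x))) is exactly two-key 3DES.
func expandTwoKey3DES(key16 []byte) ([]byte, error) {
	if len(key16) != 16 {
		return nil, fmt.Errorf("two-key 3DES key must be 16 bytes, got %d", len(key16))
	}
	key24 := make([]byte, 0, 24)
	key24 = append(key24, key16...)     // K1 || K2
	key24 = append(key24, key16[:8]...) // || K1
	return key24, nil
}

func newTransportCipher(key16 []byte) (cipher.Block, error) {
	key24, err := expandTwoKey3DES(key16)
	if err != nil {
		return nil, err
	}
	return des.NewTripleDESCipher(key24)
}

// cryptBlock runs one 8-byte iClass application block through 3DES. A block
// is exactly one DES block, so this is a single ECB operation: no IV, no
// padding (assumption: the key is applied as two-key 3DES-ECB per block).
func cryptBlock(key16, in []byte, decrypt bool) ([]byte, error) {
	if len(in) != des.BlockSize {
		return nil, fmt.Errorf("iClass block must be %d bytes, got %d", des.BlockSize, len(in))
	}
	c, err := newTransportCipher(key16)
	if err != nil {
		return nil, err
	}
	out := make([]byte, des.BlockSize)
	if decrypt {
		c.Decrypt(out, in)
	} else {
		c.Encrypt(out, in)
	}
	return out, nil
}

// decryptBlock recovers the plaintext of block 07 (facility code, card
// number and whatever else the issuer stored) from its encrypted form.
func decryptBlock(key16, enc []byte) ([]byte, error) { return cryptBlock(key16, enc, true) }

// encryptBlock is the inverse; it builds a test vector from a known plaintext
// so a candidate key pulled from hardware or firmware can be checked.
func encryptBlock(key16, plain []byte) ([]byte, error) { return cryptBlock(key16, plain, false) }

// parityBitsIgnored reports whether flipping the low bit of every key byte
// leaves the decryption unchanged. DES's PC-1 permutation drops those eight
// parity bits, so a dumped key that differs from a reference value only in
// them is still the same key, and brute force spans 2^56 per DES half.
func parityBitsIgnored(key16, enc []byte) (bool, error) {
	ref, err := decryptBlock(key16, enc)
	if err != nil {
		return false, err
	}
	flipped := append([]byte{}, key16...)
	for i := range flipped {
		flipped[i] ^= 0x01
	}
	got, err := decryptBlock(flipped, enc)
	if err != nil {
		return false, err
	}
	return bytes.Equal(ref, got), nil
}

func main() {
	// Constructed placeholder key and block contents; NOT the real HID key.
	key := []byte{0x0f, 0x1e, 0x2d, 0x3c, 0x4b, 0x5a, 0x69, 0x78,
		0x87, 0x96, 0xa5, 0xb4, 0xc3, 0xd2, 0xe1, 0xf0}
	plain := []byte{0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08}
	enc, _ := encryptBlock(key, plain)
	dec, _ := decryptBlock(key, enc)
	ok, _ := parityBitsIgnored(key, enc)
	fmt.Println("block 07 encrypted:", hex.EncodeToString(enc))
	fmt.Println("block 07 decrypted:", hex.EncodeToString(dec))
	fmt.Println("parity bits ignored:", ok)
}
```

Two caveats for anyone actually recovering the key. First, the parity check: two candidate keys that differ only in the low bit of each byte decrypt identically, so a key dumped from firmware or sniffed from a reader may legitimately differ from a published value in those eight bits and still be correct. Second, 3DES-ECB carries no integrity check: any 16-byte key "decrypts" a block to some 8 bytes, so a candidate key has to be validated against a card whose facility code and card number are already known rather than by the decryption merely succeeding.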
OK, the HID transport key.