[QUESTION] About the ARC4 key...

manulaiko3.0 · 01/15/2015, 08:43

Is the ARC4 key encrypted with RSA?
Because I saw that it calls a method that parses the bytes received from server to a ByteArray and RSAKey class is never used again.

See you!

Requi · 01/15/2015, 22:43

#moved

Tension · 01/16/2015, 20:58

Quote:

Originally Posted by manulaiko3.0

Is the ARC4 key encrypted with RSA?
Because I saw that it calls a method that parses the bytes received from server to a ByteArray and RSAKey class is never used again.

See you!

Which game are you talking about?

RC4 doesn't have a condition for the key since it's a symmetric key algorithm.

The key could be possible be encrypted with RSA, try to debug the RSAKey-Class and follow the code to see what happens with the key.

YatoDev · 01/16/2015, 22:15

Quote:

Originally Posted by Tension

Which game are you talking about?

darkorbit. this is more for the coders from our section.

i think requi moved it because the guys who can help also are looking here and the normal user cant answere this

manulaiko3.0 · 01/17/2015, 03:16

This thread was originally in DarkOrbit's section, I didn't post it here because I would explain how main.swf works and too much work so I asked in DO's section, now this thread is useless here, so #closerequest

Requi · 01/17/2015, 03:35

Quote:

Originally Posted by manulaiko3.0

This thread was originally in DarkOrbit's section, I didn't post it here because I would explain how main.swf works and too much work so I asked in DO's section, now this thread is useless here, so #closerequest

I can promise you that no one in the DarkOrbit section would be able to help you. So I moved this thread to this section.

warfley · 01/17/2015, 04:56

To generate the key for a symmetric encryption (like RC4) usually a key exchange is used. For this both clients send informations to each other to generate the key. Just reading these informations won't give you the key, but these exchanges can be attacked by man in the middle attacks. So you need to make this kinda save. For that purpose you can use an asymmetric encryption such as RSA. RSA gets its safety because of huge prime numbers (250+ digits) which make it nearly impossible to read the private key in time to perform a man in the middle attack.

After the key exchange you won't need RSA anymore and thats why the class isn't used again.

Its a pretty usual method to protect connections.

To generate the key for a symmetric encryption (like RC4) usually a key exchange is used. For this both clients send informations to each other to generate the key. Just reading these informations won't give you the key, but these exchanges can be attacked by man in the middle attacks. So you need to make this kinda save. For that purpose you can use an asymmetric encryption such as RSA. RSA gets its safety because of huge prime numbers (250+ digits) which make it nearly impossible to read the private key in time to perform a man in the middle attack.

After the key exchange you won't need RSA anymore and thats why the class isn't used again.

Its a pretty usual method to protect connections.

YatoDev · 01/17/2015, 11:18

Quote:

Originally Posted by warfley

....

the darkorbit client is protected from bot's with encrypted packets and swf. his question isnt related to rc4 directly. rc4 is used to de/crypt them in runtime.

so he ask how the client is working. to answere this you need to download the main.swf from darkorbit and decompile it

Mostey · 01/17/2015, 15:11

Quote:

Originally Posted by warfley

So you need to make this kinda save. For that purpose you can use an asymmetric encryption such as RSA. RSA gets its safety because of huge prime numbers (250+ digits) which make it nearly impossible to read the private key in time to perform a man in the middle attack.

RSA doesn't get it's safety just because of the generated keys being longer. That would be the main security aspect of symmetric encryption such as AES. In RSA, one of the endpoints sends their public key to the partner. Now the partner is able to encrypt his messages with this public key. This ensures that the only one able to decrypt this messages is the one with the private key matching the public key that was sent in the beginning.

This is why MITM attacks are pointless in case asymmetric encryption is used.

Quote:

Originally Posted by warfley

After the key exchange you won't need RSA anymore and thats why the class isn't used again.

I doubt that this is true since every message needs to be encrypted. Therefore both, the RSA algorithms and the public key of the end point needs to be used to accomplish that.

manulaiko3.0 · 01/17/2015, 16:41

Quote:

Originally Posted by Mostey

I doubt that this is true since every message needs to be encrypted. Therefore both, the RSA algorithms and the public key of the end point needs to be used to accomplish that.

Well, I've been reading main.swf (the client) and it just uses the RSAKey class once to transfer the ARC4 key and it's never used again.
So when the server sends a packet it decrypts the packet with an ACB code that contains a random encrypt/decrypt functions and its sent by the server and then it's decrypted again with the ARC4 class

warfley · 01/17/2015, 17:30

Quote:

RSA doesn't get it's safety just because of the generated keys being longer. That would be the main security aspect of symmetric encryption such as AES. In RSA, one of the endpoints sends their public key to the partner. Now the partner is able to encrypt his messages with this public key. This ensures that the only one able to decrypt this messages is the one with the private key matching the public key that was sent in the beginning.

This is why MITM attacks are pointless in case asymmetric encryption is used.

RSA is theoretically unsafe, because you can get the private key by just factorizing the modulo. Every middleschool student knows how to factorize numbers. It's only safe because of the technical problem that factorizing large numerical values takes a lot of time even with supercomputers. If you use numbers in the 64 bit range a normal pc would be able to get the private key in a few seconds.

Heres a quote of my prof:
(German original)

Quote:

Die Sicherheit des RSA-Kryptosystems beruht auf der Schwierigkeit, große natürliche Zahlen zu faktorisieren. Könnte ein Angreifer aus der Kenntnis des öffentlichen Schlüssels Kpubl = (n,a) in Anwendung (9.35) die Primfaktoren von n ermitteln, so könnte er auch φ(n) und damit mit Hilfe des erweiterten euklidischen Algorithmus’ (8.20) den privaten Schlüssel Kpriv = b berechnen.

English:

Quote:

The security of the RSA cryptosystem based on the difficulty to factorise large natural numbers. Could an attacker from the knowledge of the public key Kpubl = (n, a) determine the prime factors of n in use (9.35), he could also get φ (n) and using the extended Euclidean algorithm (8.20) to calculate the private key Kpriv = b.

Thats why you usually use a 2048 bit Modulo