[Question] Common Mistakes in DH Key Exchange

12/28/2010 12:41 Korvacs#16
Well, I mean have you tried swapping them? By reverse I meant that for me:

Encrypt = Decrypt = ClientIV
Decrypt = Encrypt = ServerIV

Yours is:

Encrypt = Decrypt = ServerIV
Decrypt = Encrypt = ClientIV

What they are named isn't all that relevant. But that would definitely cause issues (I should know, I had it set wrong at one time and was running round in circles for days).
12/28/2010 16:45 shitboi#17
Quote:
Originally Posted by Korvacs
Well, I mean have you tried swapping them? By reverse I meant that for me:

Encrypt = Decrypt = ClientIV
Decrypt = Encrypt = ServerIV

Yours is:

Encrypt = Decrypt = ServerIV
Decrypt = Encrypt = ClientIV

What they are named isn't all that relevant. But that would definitely cause issues (I should know, I had it set wrong at one time and was running round in circles for days).

Just to double check: in just a client-server context, the client decrypts packets using serverIV and encrypts using clientIV, right?

And also raising my previous question again: are you able to find the server IV in conquer.exe? Somehow I can only find a client IV.
12/29/2010 02:27 Korvacs#18
That's correct, however that's not how yours appears to be set up. Yours appears to be set up so that the client decrypts using the clientiv, and encrypts using the serveriv. You need the reverse of that.

I don't have time to check that for you; try reversing the IVs like I've suggested three times now.
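
The IV direction rule discussed in the posts above, as an added example that is not part of the original thread and not any poster's code: the receiver must decrypt a stream with the IV the sender encrypted it with, and in CFB a wrong IV garbles the first block of the stream while later blocks still decrypt. The cipher mode (`Blowfish/CFB64/NoPadding`), the key, both IVs and the packet are assumptions constructed for the demonstration.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;

public class IvDirectionDemo {
    // Each direction gets its own Cipher: CFB carries running state, so the
    // two streams cannot share one object or one IV.
    static Cipher stream(int mode, byte[] key, byte[] iv) throws Exception {
        // Assumption: Blowfish in 64-bit CFB; the thread only says "blowfish".
        Cipher c = Cipher.getInstance("Blowfish/CFB64/NoPadding");
        c.init(mode, new SecretKeySpec(key, "Blowfish"), new IvParameterSpec(iv));
        return c;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values, not taken from any real client or server.
        byte[] key = "0123456789abcdef".getBytes(StandardCharsets.US_ASCII);
        byte[] clientIV = {1, 2, 3, 4, 5, 6, 7, 8};
        byte[] serverIV = {8, 7, 6, 5, 4, 3, 2, 1};
        // 16 bytes: update() only emits whole 8-byte CFB64 units.
        byte[] packet = "SERVER->CLIENT!!".getBytes(StandardCharsets.US_ASCII);

        // Server encrypts what it sends with serverIV.
        byte[] wire = stream(Cipher.ENCRYPT_MODE, key, serverIV).update(packet);

        // Client side, as agreed in the thread: decrypt incoming with serverIV.
        byte[] good = stream(Cipher.DECRYPT_MODE, key, serverIV).update(wire);
        // Client side with the IVs swapped: decrypt incoming with clientIV.
        byte[] swapped = stream(Cipher.DECRYPT_MODE, key, clientIV).update(wire);

        System.out.println("correct IV matches: " + Arrays.equals(good, packet));
        System.out.println("swapped IV, bytes 0-7 match: " + Arrays.equals(
                Arrays.copyOfRange(swapped, 0, 8), Arrays.copyOfRange(packet, 0, 8)));
        System.out.println("swapped IV, bytes 8-15 match: " + Arrays.equals(
                Arrays.copyOfRange(swapped, 8, 16), Arrays.copyOfRange(packet, 8, 16)));
    }
}
```

A proxy sits on both connections, so it needs this pairing twice: one decrypt/encrypt pair facing the client and one facing the server, each with its own cipher objects.
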
12/29/2010 08:19 shitboi#19
Quote:
Originally Posted by Korvacs
That's correct, however that's not how yours appears to be set up. Yours appears to be set up so that the client decrypts using the clientiv, and encrypts using the serveriv. You need the reverse of that.

I don't have time to check that for you; try reversing the IVs like I've suggested three times now.

Well, I have suspected that before. I did try switching IVs; in fact I even tried to edit the IVs in the server DH packet to {0 0 0 0 0 0 0 0} so as to reduce the mistakes (variables), but to no avail.
I mean the logic in doing this is pretty straight cut, but I am not the only one having this problem when trying to develop this proxy in Java. :(
12/29/2010 12:44 Korvacs#20
Can you show a snippet of where you initialize the ciphers? Just want to check you're using the right type of Blowfish.
12/29/2010 18:23 shitboi#21
Quote:
Originally Posted by Korvacs
Can you show a snippet of where you initialize the ciphers? Just want to check you're using the right type of Blowfish.

Sure. I have used a cache object - ProxyDataPool - to store all the references to keys etc. so that I can avoid writing so many accessors and mutators. This I am showing you is my game packet cryptographer.
12/31/2010 12:53 Korvacs#22
Dunno what to suggest, you appear to be doing everything right, although the IVs have to be the way I stated, otherwise it will never work. Really you need one of the Java guys in here in case this is something specific to Java. I get the feeling it is, because the encryption hasn't been altered and my proxy still works without being altered in like a year.
12/31/2010 18:46 shitboi#23
Quote:
Originally Posted by Korvacs
Dunno what to suggest, you appear to be doing everything right, although the IVs have to be the way I stated, otherwise it will never work. Really you need one of the Java guys in here in case this is something specific to Java. I get the feeling it is, because the encryption hasn't been altered and my proxy still works without being altered in like a year.

Indeed, conceptually, once you have grasped it, you should know what to do. But funnily enough the DH exchange doesn't seem to produce the correct shared key. I guess the quest to defeat the CO handshake continues...


This is how I wrote my DH exchange. It contains static methods for generating a key pair for DH exchange.
Code:
...