Hey there.

So... you use an ad blocker. That's cool. Sometimes we do too.

But without ad revenue, we wouldn't even be here. And we might not be here much longer.

Please disable your ad blocker and click to continue.

Page 2 of 3 First 123 Last
  1. #11
    tripellex Guest
    Quote Originally Posted by XiLE View Post
    I don't think tripellex was suggesting that Sony used an MD5 hash

    I think he meant that as we now have access to encrypted and unencrypted versions of the same file, you could generate an MD5 hash of the unencrypted file, then repeatedly try and decrypt the encrypted file using random hashes, and then generate an MD5 hash on those attempted decryptions until it matches the MD5 hash you got from the original unencrypted file?
    Exactly. Once the MD5 hashes sync up, we know the file's cracked. Doing this in a cloud format would greatly speed up the process.

    Again, if I'm misinformed about encryption protocals here, please do correct me so I'm not just talking out of my a$$

  2. #12
    Keeper75 Guest
    TITLE: MD5 Algorithm Cracked Using Gaming Consoles

    security researchers have successfully created a forged certificate authority, exploiting a so-called "colliding certificates" attack, clearly indicating that the certification authorities must advance their security related standards with immediate effect.

    The researchers used 200 PS3 game consoles over eight days.

    Extracted from: http://blogs.techrepublic.com.com/networking/?p=776

  3. #13
    tripellex Guest
    Well there ya go. 200 PS3s. There are thousands of registered users here. Even if only a tenth of us contributed, I'm sure we could bust the Cell encryption open in no time.

  4. #14
    whinis Guest
    With a rainbow table you can crack an md5 in about 25 seconds - 4 minuets using the above method. MD5 is not that secure, as I found out last night, it only allows for quick easy compare method as you can tell whether the file was tampered with.

    And you only need 1 ps3 or single core computer.

  5. #15
    Keeper75 Guest
    Well, what i've posted is for cloning certificates, by creating collisions so that you can have two different certificates with the same md5 integrity verification validated...

    MD5 is just for checking the integrity of files (i.e.: if you change one single bit inside a file, the MD5 hash check will fail) - not to encrypt/decrypt...


    I mean, you can theoretically have two hashes (one for the decrypted file and one for the encrypted file), which would be verified and accepted by your PS3 - this assuming that PS3 was/is/were using Md5 checks - but what would the PS3 do with the already decrypted file which has a valid MD5 check ? doesn't the PS3 needs to "decrypt" the already decrypted (and MD5 integrity checked) file so to execute it?

    What you really need to know is what encryption/decryption method is being used by PS3..

  6. #16
    whinis Guest
    You don't decrypt md5 you just use it to compare to an already known file/hash. So the ps3 would use the md5 to insure that the file is either complete or correct. It is in fact impossible to decrypt a md5 since it has multiple answers which is the reason collisons work. Its 2 answers to the same problem.

  7. #17
    Keeper75 Guest
    Uh... MD5 does NOT encrypt (or decrypt) anything... (i've post above that link to wiki, so to explain better what's MD5 - MD5 is just a integrity check algo...)

    I'll say it again...what is needed to know, is the encryption algorithm used - which is a different thing from MD5.

  8. #18
    whinis Guest
    you can surely encrypt any number of text under 128 characters into md5 just not the reverse. However finding the other encryption method will be the challenge.

  9. #19
    Keeper75 Guest
    example of some Integrity check (Authentication) Algorithms:

    MD5; SHA1; SHA-2; CRC; CRC32; etc

    example of some Encryption algorithms:

    RSA; DES; 3DES; Blowfish; RC4; etc

    In my limited knowledge of cryptography and based on what i've always considered to be the way cryptography worked, idk how can you use MD5 has an encryption algo, since it was never designed to do so.

  10. #20
    whinis Guest
    Many websites use Md5 to store passwords as even if you get the database you can not reverse the passwords. However I have a feeling they are using RSA or a variation of it.

Page 2 of 3 First 123 Last

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Log in