| Author |
Message |
|
fullmetalcoder
Member
Joined: 01 Aug 2009
Posts: 139
|
 Posted: 03 Aug 2009 11:11:09 am Post subject: |
|
|
FloppusMaximus wrote: Found another polynomial with a score of 2.52e-12. I'm testing the two best candidates now. So far they look a little worse than the polynomial I used for 04, which is to be expected since the number being factored is a bit larger.
Attached is an ugly hack on top of the pile of hacks that is the factMsieve script. If you add 'q0' and 'qlimit' values to the poly file, it will use only that range of q values.
now we just need to define ranges and assign them to whoever wants to help. As you've already started I guess the allocation is up to you. I'll start sieving as soon as you give me the relevant q0 and qlimit. for the final phase I doubt I have the most impressive hardware (laptop, core 2 duo T7700 @ 2.4GHz (32bit), 3GB RAM, all tools compiled with -march=native) but if it the case I can take care of it provided the sieving is done within 10days (which will require a lot of volunteers) because after that I'll beaway from my computer for a while so it will be done when I come back.
as for polynomial selection here are my results thus far :
* key : 01 (stopped at leading coeff 17942000, if anyone want to go on searching)
2 candidates
-> Best score so far: 2.640000e-12 (goodScore=2.470000e-12)
* key : 02 (still running)
13 candidates
-> Best score so far: 2.390000e-12 (goodScore=2.160000e-12)
* key : 03 (still running)
10 candidates
-> Best score so far: 2.770000e-12 (goodScore=2.470000e-12)
* key : 0102 (stopped at leading coeff 7995000, if anyone want to go on searching)
44 candidates
-> Best score so far: 2.700000e-12 (goodScore=2.160000e-12) |
|
| Back to top |
|
|
Graphmastur
Advanced Member
Joined: 25 Mar 2009
Posts: 360
|
| Posted: 03 Aug 2009 11:36:08 am Post subject: |
|
|
I have this 05 key, that I got from the rabbitsign program:
Quote: 406BABF27E9BF1826FD46CBF934E3360EF1F1D3D09D6C74E9DF78049D01A42F584BD383A10E64330
C2EE6F1B1C5162789E91E94677900F85D98E7D99F49B30A2BF
20F59BA0274F1CA6231A882B053AAD9A2B80EBE9D2B6E9FD1CDCFCE1AD9D9414D3
20DFED657A28DE2BFF75DE4F1AEBB7555859779DA38A671B7C76F81B50F02A6AE8
What exactly do I do to factor it, and where do I find keys? Oh, and I am using a mac.
EDIT: OH wait, that key is factored, isn't it. Alright, what about the "0A.pub" file:
Quote: 40B11C71D4EA2C13C9AB2E501C6085FEC87FF3B88BFD783EAC43351E1B10F65AD31C79C1268F7505
1DC8FC008EBF593AE5912E8B653975C13127E2B60A0BEF5FEF
Last edited by Guest on 03 Aug 2009 11:38:34 am; edited 1 time in total |
|
| Back to top |
|
|
Lionel Debroux
Member
Joined: 01 Aug 2009
Posts: 170
|
| Posted: 03 Aug 2009 11:50:27 am Post subject: |
|
|
TIGCC/GCC4TI support for FlashApps is a pretty old feature request. There are easier ones, though, because this one requires adding support in the linker, possibly a resource compiler, and maybe various other stuff (though most, if not all, of the library can be used unmodified for execution in Flash memory). Not to mention documentation, which can't be just copied and pasted from TIFS's (incomplete) documentation.
AFAIK, nobody looked seriously into it before ExtendeD made Flashappy, because of the need to sign the FlashApp anyway ... and nobody looked seriously into it since then (again, AFAIK), due to lack of time and other, more pressing bugs and feature requests.
IIRC, as a workaround, the building process of Pollux's GTC uses both TIGCC/GCC4TI, for compiling the code with a mostly decent compiler, and TIFS, for packaging the FlashApp together. |
|
| Back to top |
|
|
fullmetalcoder
Member
Joined: 01 Aug 2009
Posts: 139
|
| Posted: 03 Aug 2009 12:21:16 pm Post subject: |
|
|
Graphmastur wrote: What exactly do I do to factor it, and where do I find keys? Oh, and I am using a mac.
as mentioned already you need to get a couple of tools (you may need to compile them yourself). Being on a mac is no issue because the command line is linux-like. THe link already given by Michael is a good one (that's the one I used) : http://gilchrist.ca/jeff/factoring/nfs_beginners_guide.html
You can find keys in *.pub files of the "keys" directory of RabbitSign (and possibly somewhere in TI sites). The *.key files contains keys suitable for signing (factors are known).
Graphmastur wrote: Alright, what about the "0A.pub" file:
Quote: 40B11C71D4EA2C13C9AB2E501C6085FEC87FF3B88BFD783EAC43351E1B10F65AD31C79C1268F7505
1DC8FC008EBF593AE5912E8B653975C13127E2B60A0BEF5FEF
FloppusMaximus already did the polynomial selection step (first step) so all we need is to wait for him to give us the poly file, attribute sieving ranges to all volunteers and start sieving (second step). Once the sieving will have yielded a sufficient amount of relations we'll have to gather them on a single computer for the linear algebra phase (third and last phase) which will give use the prime factors.
The same process applies to all keys. If enough volunteers show up we might even start sieving other keys soon (like the fours above for which I have already done polynom selection). |
|
| Back to top |
|
|
Graphmastur
Advanced Member
Joined: 25 Mar 2009
Posts: 360
|
| Posted: 03 Aug 2009 12:28:48 pm Post subject: |
|
|
| So I just have to convert it to an integer, and run it? |
|
| Back to top |
|
|
fullmetalcoder
Member
Joined: 01 Aug 2009
Posts: 139
|
| Posted: 03 Aug 2009 01:28:44 pm Post subject: |
|
|
Graphmastur wrote: So I just have to convert it to an integer, and run it?
I used the following command to convert key files (FloppusMaximus posted the convkey.pl file earlier in this thread, you may need to apply the modification I suggested above to use it) :
Code:
cat 0A.pub | ./convkey.pl > 0A.n
obviously you need the proper files around (or to change the pathes in the command).
then you can run factMsieve.pl as explained in the guide. Note though that you don't need to do the first step for 0A since FloppusMaximus took care of it already (just wait for him to post the resulting poly file). Same goes for the 01, 02, 03 and 0102 keys for which I did the polynom selection. You can however pick any of the remaining (0101, 0 and run the polynom selection. You may also continue the polynom selection for 01 and 0102, starting from the point I left it, in case it gives better results (you'll have to alter the factMsieve script for that though). |
|
| Back to top |
|
|
Taricorp
Member
Joined: 09 Mar 2006
Posts: 188
|
| Posted: 03 Aug 2009 01:44:39 pm Post subject: |
|
|
Graphmastur wrote: brandonw wrote: Graphmastur wrote: Will you eventually have a little app, so that people can specify their asm, or maybe just bin file, for each page, and have it create the os? That would be amazing, and help people get past the whole command prompt thing, which is what made it hard to program asm at first.
Well that was kind of the idea with Build8XU (OS2Tools), you specify which pages out of a ROM (or any number of binary files) you want the OS to include and it builds an 8XU. That's a little different.
Unfortunately, it's kind of crappy, but it was built specifically with OS2 in mind.
What about using the keys, now that they have been deciphered?
I've been working on a general-purpose 8xu builder/signer, and it should be pretty easy to tack a GUI on the front of it, should that be a desired feature. |
|
| Back to top |
|
|
brandonw
Advanced Member
Joined: 12 Jan 2007
Posts: 455
|
| Posted: 03 Aug 2009 03:16:05 pm Post subject: |
|
|
Taricorp wrote: Graphmastur wrote: brandonw wrote: Graphmastur wrote: Will you eventually have a little app, so that people can specify their asm, or maybe just bin file, for each page, and have it create the os? That would be amazing, and help people get past the whole command prompt thing, which is what made it hard to program asm at first.
Well that was kind of the idea with Build8XU (OS2Tools), you specify which pages out of a ROM (or any number of binary files) you want the OS to include and it builds an 8XU. That's a little different.
Unfortunately, it's kind of crappy, but it was built specifically with OS2 in mind.
What about using the keys, now that they have been deciphered?
I've been working on a general-purpose 8xu builder/signer, and it should be pretty easy to tack a GUI on the front of it, should that be a desired feature.
It needs to be changed to use a separate key file, but seeing as how we already have Tari's in-the-works no-doubt-superior one and RabbitSign, it's not high on the priority list.
Last edited by Guest on 03 Aug 2009 03:16:25 pm; edited 1 time in total |
|
| Back to top |
|
|
Graphmastur
Advanced Member
Joined: 25 Mar 2009
Posts: 360
|
| Posted: 03 Aug 2009 05:08:14 pm Post subject: |
|
|
Why do I get this error?:
Code:
cc -I. -I.. -I../include -DNDEBUG -O3 -funroll-loops -finline-functions -ftracer -fomit-frame-pointer -W -Wall -march= -pipe -DMALLOC_REPORTING -DGMP_BUG -o getprimes.o -c getprimes.c
getprimes.c:1: error: bad value () for -march= switch
getprimes.c:1: error: bad value () for -mtune= switch
make: *** [getprimes.o] Error 1
What is up with that error? |
|
| Back to top |
|
|
fullmetalcoder
Member
Joined: 01 Aug 2009
Posts: 139
|
| Posted: 03 Aug 2009 06:12:11 pm Post subject: |
|
|
Graphmastur wrote: Why do I get this error?:
Code:
cc -I. -I.. -I../include -DNDEBUG -O3 -funroll-loops -finline-functions -ftracer -fomit-frame-pointer -W -Wall -march= -pipe -DMALLOC_REPORTING -DGMP_BUG -o getprimes.o -c getprimes.c
getprimes.c:1: error: bad value () for -march= switch
getprimes.c:1: error: bad value () for -mtune= switch
make: *** [getprimes.o] Error 1
What is up with that error?
No architecture is given to the compiler "-march=" should be something like "-march=athlon" or any other valid architecture value (or "-march=native" to save you the hassle of figuring what value best matches your computer). This compile switch allow the compiler to make use of the full instruction set and to take advantage of all known tricks specific to the architecture. Depending on the tool you're compiling there are different ways to get this fixed (setting an env var or passing a flag to configure or to make). |
|
| Back to top |
|
|
Graphmastur
Advanced Member
Joined: 25 Mar 2009
Posts: 360
|
| Posted: 03 Aug 2009 06:19:56 pm Post subject: |
|
|
Never mind. My compiler won't work with it.
Last edited by Guest on 03 Aug 2009 08:54:11 pm; edited 1 time in total |
|
| Back to top |
|
|
fullmetalcoder
Member
Joined: 01 Aug 2009
Posts: 139
|
| Posted: 04 Aug 2009 12:42:41 am Post subject: |
|
|
| come on, if you don't give us a compile log there's no way we can help it compiling this. There are only two things that may cause troubles in building these tools : improper configuration of the build process like you already faced and missing libraries. Both issues should be easy to address if you give us compile logs. |
|
| Back to top |
|
|
Graphmastur
Advanced Member
Joined: 25 Mar 2009
Posts: 360
|
| Posted: 04 Aug 2009 09:30:32 am Post subject: |
|
|
Oh, sorry. Herre it is: (Mind you, there needs to be some kind of collapsible.
< Code Removed due to taking way too much space >
Last edited by Guest on 04 Aug 2009 10:23:31 am; edited 1 time in total |
|
| Back to top |
|
|
Lionel Debroux
Member
Joined: 01 Aug 2009
Posts: 170
|
| Posted: 04 Aug 2009 09:35:17 am Post subject: |
|
|
| You haven't installed the GMP development files. The exact package name depends on the OS and the OS version (e.g. libgmp3-dev for Debian Lenny). |
|
| Back to top |
|
|
Graphmastur
Advanced Member
Joined: 25 Mar 2009
Posts: 360
|
| Posted: 04 Aug 2009 10:22:18 am Post subject: |
|
|
Turns out, the output is too long to put here.
I had to put it Here
It's just a test site of mine, to test css, etc. It was so long, that I had to split it up onto 4 pages, in order to bypass the 200,000 char limit. It is included on one page though.
Did I compile something wrong? It says 2 errors at the bottom.
Oh, I also tried it with x86_64, and had the same problem.
Last edited by Guest on 04 Aug 2009 12:19:24 pm; edited 1 time in total |
|
| Back to top |
|
|
squalyl
Advanced Newbie
Joined: 04 Aug 2009
Posts: 57
|
| Posted: 04 Aug 2009 05:27:26 pm Post subject: |
|
|
First of all hello to all, and congratulations for the nice work.
I'm starting to work on the ti68k keys.
these commands were enough for me to compile these interesting packages (french forum, but no french is needed, only the shell commands are useful  )
http://www.yaronet.com/posts.php?sl=&s...p=2&h=45#45
The GMP development headers and libraries are the only dependencies.
This tool is nice to read the certificate from a ti68k (same frenchies, but again the cited code is enough ^^)
http://www.yaronet.com/posts.php?sl=&s...p=2&h=56#56
But I'm not sure where to get the key data from the dumped certificate memory.
I'll keep you updated.
Last edited by Guest on 04 Aug 2009 05:28:46 pm; edited 1 time in total |
|
| Back to top |
|
|
FloppusMaximus
Advanced Member
Joined: 22 Aug 2008
Posts: 472
|
| Posted: 04 Aug 2009 07:39:35 pm Post subject: |
|
|
Graphmastur: According to that log, you have the wrong version of libgmp (maybe it's a PPC version? or a 32-bit x86 version?) Where did you get gmp from? I would try MacPorts first; I think they support compiling 64-bit versions of things.
squalyl: The certificates are stored in the read-protected area of Flash; I seem to remember that there are some ROM calls that you can use to extract the certificate data. (Edit: if you already have a certificate dump, then look for the hex sequence '0711xx073D40' or '0712xxxx073D40' where xx/xxxx is the key ID; this will be followed by 64 bytes, which are the public key in little-endian form.) You can also compute the public key given two different RSA signatures. In any case, here are some of the keys (in hexadecimal, big endian):
n01 =
AD49CA3CFEF1F2DE400B5D3790813BF3822CB0BD83E3F565CE81B3A6CEF36FB8
33D932596D0E979615BAB6811ABE68834CA7CEBF46145C1DD1920AA4E9558DF7
n0101 =
BC747C4065E96E3B79B9BCC1A441BC3692E264CF681C9962B763C19824D84FB047
4D567CF2FE55473378A18DB2E875BCE87F0022B6B9CC1E1FD455D9FACD0461
n03 =
8976D4B5045A8988FB2BBAF8BADAFAFA4C5F8ABD5A9453D46790B33A03F6C225A
AF31500E8246E63498D85A1C7C8240E0630331F1291F6F4F21611BD661FC2E7
n0103 =
916BDE593CC9F21B07F72033A92D6DC6DCCE8622705E9F7B4C4235A00B0A0DEA4
F9827960CF2676C3F25F987C4BACD38A8F849A5CFCEC188BA0C8B3DFD3602ED
n08 =
8307B022CEC848E14CA5D57C0C148A4803FEB19F7EEEC4493C860DF89594250E8F
0F80B7AB18CF03C27A07C1BA41B5ED4368261F4427BBE200A3B017EE100511
(I don't have key 09; help would be appreciated.)
Also, squalyl, I believe fullmetalcoder said he was working on the 01 key, so you guys should work together.
Last edited by Guest on 04 Aug 2009 09:01:26 pm; edited 1 time in total |
|
| Back to top |
|
|
squalyl
Advanced Newbie
Joined: 04 Aug 2009
Posts: 57
|
| Posted: 05 Aug 2009 04:32:15 am Post subject: |
|
|
hi,
we were probably very asleep last evening.
According to this post: http://www.yaronet.com/posts.php?sl=&s...4&h=106#106 , Lionel traced the BN_power17Mod that computes the signatures on ti68k's, and found the keys are different on our calcs.
The key is stored in the '0A2(D)->40' field.
on my v200 the key data starts with f3 27 fe 77 59 d0 17 1e
on his ti89 the key data starts with E7 FD 23 53 A9 2A 4E 5F
there could some sort of coding, we're trying to understand what it could be.
We're waiting reports to check if there's one key per calculator model or if the key data is encrypted.
UPDATE: the 0A2 field contents seem to be used as is by the ti68k rsa routines, so i guess this is the modulo.
I'm starting a factorization attempt using the factMsieve.pl script from the latest (svn trunk) ggnfs/msieve
Last edited by Guest on 05 Aug 2009 07:07:44 am; edited 1 time in total |
|
| Back to top |
|
|
fullmetalcoder
Member
Joined: 01 Aug 2009
Posts: 139
|
| Posted: 05 Aug 2009 12:06:47 pm Post subject: |
|
|
I have done polynomial selection for almost all the keys that comes with RabbitSign (a couple may benefit from longer search to go beyond 2.5e-12 but overall the results are satisfying).
Unfortunately my nvidia driver was apparently screwed in the latest update so I will have to fix my laptop before being able to do anymore work on this. As soon as I'm done with the maintenance I'll post poly files (and all necessary data for possible continuation of search without wasting time over the ranges I already covered).
I have not started any sieving though and I'd rather not do so until we figure out a way to split the sieving of prioritary keys so as to reduce the amount of time needed to factor them. |
|
| Back to top |
|
|
FloppusMaximus
Advanced Member
Joined: 22 Aug 2008
Posts: 472
|
| Posted: 05 Aug 2009 02:38:18 pm Post subject: |
|
|
squalyl: The 0A2 field (on the Z80 models, and I would assume this is true on the 68ks as well) is the calculator public key, which is used for validating certificates. It's also used to compute the last four digits of the calculator ID. I don't know the details of how this is assigned - it might be based on the calculator ID somehow, or I suppose it might be uniquely generated for every calculator. Anyway, that is probably not the number you want to be working on.
In the certificate, application and OS keys are stored, in little-endian form, in 073x fields. The 071x field prior to the 073x field is the "key ID", a short hexadecimal string which is used to identify the key. (For instance, OS headers for the TI-89 will contain the field 801103, indicating that the OS is signed with key "03". Application headers for the TI-92+ will contain the field 81120101, indicating that the app is signed with key "0101". And so forth.)
Also, 8583...2533 (A3E3...1E15) is the key for validating date stamps. I don't see this key being of any particular use to us.
fullmetalcoder: Sorry to hear about your laptop. If/when you are ready to do some sieving, come on over to this thread.  |
|
| Back to top |
|
|
|
Open Topic & United-TI Talk => General Open Topic
