Nagra 2: Boxkey Experiment
#1
masta h4ck3r
Join Date: 20-04-2005
Location: CENTRAL UNITED STATES
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
My System: fta fortecstar w/panset progg installed : AMD sempron 1.6 256ddr

Got something worthwhile to shoot out there, just a little food for thought, as follows:

Nagra 2: Boxkey Experiment

Background: In our previous experiment we discussed the CONTROL words used in Nagra 1 and Nagra 2 and proposed a "thought" experiment whereby one could conclusively determine if the CONTROL words are the same for both streams. We introduced the IDEA encryption algorithm and suggested that this is the cryptographic technique used with Nagra 2. Without attempting the actual experiment, we concluded, based on bandwidth considerations alone, that the same MPEG-2 stream is being used for both Nagra 1 and Nagra 2 (i.e. the provider would be foolish to use twice as much video bandwidth to transmit the same pictures to us---satellite bandwidth costs hundreds of millions of dollars). Based on this, we concluded with a great deal of certainty that the CONTROL words (which are used to "put together" the decoded MPEG-2 packets) were the same. Of course, with Nagra 1, we know that the CONTROL words are encrypted using the cryptographic algorithm called DES. We also know the Key0 and Key1 which are used with DES. Thus, we have no problem decrypting the CONTROL words for the Nagra 1 stream. What about the Nagra 2 stream? We surmised that the Nagra 2 stream uses the encryption algorithm known as IDEA with different keys, namely IKey0 and IKey1, which are unknown to us but must reside somewhere in the EEPROM of the Nagra 2 cards. But why are we justified in assuming that IDEA is the encryption being used for Nagra 2? The answer is that "this is what the experts think"! Not good enough... we need to be absolutely certain. We need to prove this! The following experiment will help us make sense of the Nagra 2 encryption being used and also shed some light on the location of the boxkeys used by Nagra 2.

Requirements:
- a subbed Nagra 2 system
- a Nagra 1 system
- two dataloggers; one for the Nagra 1 setup and one for the Nagra 2 setup
- a copy of "Applied Cryptography" by Bruce Schneier (IDEA is outlined on page 319 / DES is outlined on page 270)

Experiment: Okay, we know from Nagra 1 that before the card gives the CONTROL words to the receiver for processing, it encrypts them using DES and the receiver's 8 byte boxkey. This is the same boxkey you all enter into your ROM cards, etc. This occurs when a command $13 is issued. It is very likely that Nagra 2 encrypts the CONTROL words using IDEA before it sends them to the receiver. But what does it use for the boxkeys? The same boxkeys as the Nagra 1 cards? Remember, IDEA requires a key length of 16 bytes, whereas the original boxkeys we all know about are only 8 bytes long. If we knew what boxkeys are being used for Nagra 2, then theoretically we could decrypt the CONTROL words for both Nagra 1 and Nagra 2 and compare to see if they are the same! If they are, then we have found the boxkeys used by Nagra 2, confirmed that 16 byte IDEA is being used and are well on our way to decrypting Nagra 2 video.

Clearly, the 16 byte boxkeys being used must reside somewhere in the receiver firmware. We can easily dump the firmware and store the hex values in a text file. Now, write a high level C program that implements the IDEA algorithm. See Schneier for the mathematical details -- the coding should be straightforward. Next, write a routine that takes 16 bytes from the firmware dump and tries to use that as the boxkeys for Nagra 2. Try decrypting the Nagra 2 CONTROL words and see if they match the ones we know from Nagra 1. If they don't match, try different bytes from the firmware dump. Keep trying! Most likely, the boxkeys for IDEA will be near or adjacent to the serial number of the card in the firmware! Also, compare the dumps of 2 different subbed Nagra 2 systems (with the exact same subscription). Where the dumps differ is most likely the location of the boxkeys!

Before you can try this, you will need to log the Nagra 1 and 2 streams and tune into the same channel simultaneously. Log a few command $13 packet responses and their corresponding Nagra 2 responses SIMULTANEOUSLY. If someone is willing to do this and post it for us, it would make it a lot easier to proceed with our Boxkey experiment! Feedback from all the experts in this hobby would be greatly appreciated! Good Luck!
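As an added example that is not part of the post (and not any project's or vendor's code), here is the IDEA block cipher as the post describes it from Schneier, written in Python rather than C: 16-bit word arithmetic, the 52-subkey schedule, the inverted schedule used for decryption, and a check against the cipher's published test vector. The key-length check in expand_key makes the post's own point concrete: IDEA takes exactly 16 bytes, so an 8-byte DES boxkey cannot serve as an IDEA key unchanged. Function and constant names are my own.

```python
# Added example: textbook IDEA (Lai/Massey) in Python, following the description
# in Schneier's Applied Cryptography. Names (mul, add, expand_key, ...) are mine.
import struct

MASK16 = 0xFFFF
MOD_MUL = 0x10001   # multiplication is modulo 2^16 + 1, with the word 0 standing for 2^16


def mul(a: int, b: int) -> int:
    """IDEA multiplication modulo 2^16 + 1; an all-zero word represents 2^16."""
    a = a or 0x10000
    b = b or 0x10000
    return (a * b % MOD_MUL) & MASK16


def add(a: int, b: int) -> int:
    """Addition modulo 2^16."""
    return (a + b) & MASK16


def mul_inv(a: int) -> int:
    """Multiplicative inverse modulo 2^16 + 1 (the inverse of 0, i.e. 2^16, is itself)."""
    if a == 0:
        return 0
    return pow(a, MOD_MUL - 2, MOD_MUL) & MASK16


def add_inv(a: int) -> int:
    """Additive inverse modulo 2^16."""
    return (-a) & MASK16


def expand_key(key: bytes) -> list:
    """Encryption key schedule: take 8 words from the 128-bit key, rotate the key
    left by 25 bits, take 8 more, until 52 subkeys exist (8 rounds x 6, plus 4 for
    the output transformation). IDEA keys are exactly 16 bytes."""
    if len(key) != 16:
        raise ValueError("IDEA needs a 16-byte (128-bit) key, got %d bytes" % len(key))
    k = int.from_bytes(key, "big")
    subkeys = []
    while len(subkeys) < 52:
        subkeys.extend(((k >> (112 - 16 * i)) & MASK16) for i in range(8))
        k = ((k << 25) | (k >> 103)) & ((1 << 128) - 1)
    return subkeys[:52]


def invert_subkeys(z: list) -> list:
    """Decryption schedule: walk the encryption subkeys backwards, replacing each
    multiplicative subkey by its inverse mod 2^16+1 and each additive one by its
    negation. In the middle rounds the two additive subkeys change places because
    the round function swaps the two inner words."""
    d = [0] * 52
    for i in range(8):
        base = 48 - 6 * i
        d[6 * i] = mul_inv(z[base])
        d[6 * i + 3] = mul_inv(z[base + 3])
        if i == 0:   # first decryption round undoes the output transformation: no swap
            d[6 * i + 1], d[6 * i + 2] = add_inv(z[base + 1]), add_inv(z[base + 2])
        else:
            d[6 * i + 1], d[6 * i + 2] = add_inv(z[base + 2]), add_inv(z[base + 1])
        d[6 * i + 4], d[6 * i + 5] = z[base - 2], z[base - 1]
    d[48], d[49], d[50], d[51] = mul_inv(z[0]), add_inv(z[1]), add_inv(z[2]), mul_inv(z[3])
    return d


def crypt_block(block: bytes, subkeys: list) -> bytes:
    """One 64-bit block through 8 rounds plus the output transformation.
    Encryption and decryption are the same routine with different subkeys."""
    x1, x2, x3, x4 = struct.unpack(">4H", block)
    for r in range(8):
        k1, k2, k3, k4, k5, k6 = subkeys[6 * r:6 * r + 6]
        x1, x2, x3, x4 = mul(x1, k1), add(x2, k2), add(x3, k3), mul(x4, k4)
        t0 = mul(k5, x1 ^ x3)
        t1 = mul(k6, add(t0, x2 ^ x4))
        t0 = add(t0, t1)
        x1 ^= t1
        x4 ^= t0
        x2, x3 = x3 ^ t1, x2 ^ t0      # swap the two inner words
    k1, k2, k3, k4 = subkeys[48:52]
    # the output transformation undoes the last round's swap
    return struct.pack(">4H", mul(x1, k1), add(x3, k2), add(x2, k3), mul(x4, k4))


def idea_encrypt(key: bytes, block: bytes) -> bytes:
    return crypt_block(block, expand_key(key))


def idea_decrypt(key: bytes, block: bytes) -> bytes:
    return crypt_block(block, invert_subkeys(expand_key(key)))


# Published IDEA test vector: key 0001 0002 ... 0008, plaintext 0000 0001 0002 0003
TEST_KEY = bytes.fromhex("00010002000300040005000600070008")
TEST_PT = bytes.fromhex("0000000100020003")
TEST_CT = bytes.fromhex("11fbed2b01986de5")


def self_test() -> bool:
    """True when the implementation matches the published vector and round-trips."""
    ct = idea_encrypt(TEST_KEY, TEST_PT)
    return ct == TEST_CT and idea_decrypt(TEST_KEY, ct) == TEST_PT


if __name__ == "__main__":
    print("IDEA self-test:", "ok" if self_test() else "FAILED")
```

Running the file prints the self-test result. The structure worth noticing is that decryption reuses crypt_block unchanged and differs only in the subkey list, which is why an implementation error in the key inversion shows up as a failed round trip rather than a failed encryption.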
#3
Regular Member
Join Date: 07-07-2003
Posts: 39
Thanks: 0
Thanked 0 Times in 0 Posts

This is all BS. This post was originally made months ago, by someone that didn't know much about N2, so there are lots of errors in that post. I hate when someone takes time in copying and pasting without knowing things fully, so even when the post is wrong, they still continue posting. If you want to know facts about Nagra 2 a little more, go to the cardcoders forum; this will teach you most of that experiment is completely useless. And also the post from the al7bar forum about the "diamond" receiver is completely a marketing strategy. ROLFW, please consider being careful about these posts copied from other sites, which have many errors, like this one, and are promoting sales. Get instructed about Nagra 2 by reading cardcoders, so these lame and uninstructed posts do not show up in your forum. Thanks.
#4
Retired Moderator
Join Date: 22-12-2003
Location: Brighton
Posts: 5155
Thanks: 4
Thanked 46 Times in 14 Posts
My System: Dreambox 7000, Skystar2

Thanks giver, we know all about both of the things you mention, but we like to give people plenty of leeway here. We don't like to censor people; we would rather let other posters put the record straight. We're also not averse to a bit of gossip and rumour. We don't insist that everything here is proven fact. It's a pretty light-hearted discussion and support forum. Anyone who's been around the block knows the score. I'm fairly new to the sat scene but these things stick out like a sore thumb. Regards.