Diego Elio Pettenò
End of day updates: I have updated the shared HID protocol with more details, as it looks like the initialisation is much shorter than I thought, for most other devices....
Silly me — it needs to have 32 bytes to be AES256 — but we have 8 bytes only at best. At 64-bit encryption, options are fairly limited. DES is...
So I have not managed to find time to set up a second VM to check if there's any at-install generation of secret material; here are three separate runs of the...
There is a sensor paired to the reader in the three traces I shared earlier. But that's not affecting the pre-encryption commands, as they behave the same in the first...
So, I just realized I spoke too soon. When I compare the _three_ captures I got for the initialization, two receive the same initial response (which is also the same...
So I got some news from a deep dive into the code of the software itself. - The encryption is not a simple XOR-based one, but is something with HMACs...
End-of-weekend update: * My best guess is that the encryption uses an Encrypt-then-MAC system (EtM). * There are two sets of keys that are generated: one for the authentication handshake,...
@DreadRoberts if you want a copy hit me by email (email in the repo) and I'll be happy to share. So I went back to this after a few more...
Also it's either a stream cipher or one with 64-bit blocks. Since my first few captures had the same 15 bytes coming from the device, I can say that the same...
I managed to find more information: * The remaining 7 bytes from CHALLENGE are the IV (initialization vector) for the encryption. * Each encrypted message (after setup) has four bytes...