Reply With Quotez1gg33 (29-07-09)
IRDETO2 Smartcards
As found on another Forum, could be helpful ????
IRDETO Smartcard.
The basic working of the IRDETO card is explained in this document, as it is a widely used encryption system.
This is only for the sake of interest!!!!!!!!!
On start up the IRD will request some information from the card to commence operation.
1) The IRD will reset the card and the card will respond with the ATR message. This message also contains the cards software version i.e. IRDETO ACS V1.2
3B 9F 21 0E 49 52 44 45 54 4F 20 41 43 53 20 56 31 2E 32 A0
3B 9F 21 0E 49 52 44 45 54 4F 20 41 43 53 20 56 32 2E 32 98 (IRDETO2)
2) The country code is requested.
01 02 02 03 00 00 3D
The card will respond with
01 02 00 00 02 03 10
02 01 99 06 01 06 02 06 03 06 04 07 41 Co Co Co Cs
3) The cards ASCII serial number is requested used only for information in the cam info display window.
01 02 00 03 00 00 3F
The card will respond with
01 02 00 00 00 03 14
3x 3x 3x 3x 3x 3x 3x 3x 3x 3x 43 38 31 33 31 36 41 20 20 20 Cs
4) The cards hex serial number is requested (used when the card is initialized).
01 02 01 03 00 00 3E
The card will respond with
01 02 00 00 01 03 00 10
FF FF FF 00 00 00 00 00 00 00 02 00 Hs Hs Hs 18 Cs
4a) The cards hex serial number is requested (used when the card is initialized). For IRDETO2 the hex serial number will let the IRD know how many providers are on the card.
01 02 01 03 00 00 3E
The card will respond with
01 02 00 00 01 03 00 10
FF FF FF 00 00 00 00 00 00 00 04 07 Hs Hs Hs 18 Cs
5a) The provider id for provider 00 is requested
01 02 03 03 00 00 3C
The card will respond with
01 02 00 00 03 03 00 18
Pg Pi Pi Pi 00 00 00 00 00 00 Dt Dt 3B 00 00 00 00 00 00 00 00 00 00 00 Cs
5b) The provider id for provider 10 is requested
01 02 03 03 01 00 3C
The card will respond with
01 02 00 00 03 03 01 18
Pg Pi Pi Pi 00 00 00 00 00 00 Dt Dt 3B 00 00 00 00 00 00 00 00 00 00 00 Cs
5c) The provider id for provider 20 is requested (IRDETO2)
01 02 03 03 02 00 3C
The card will respond with
01 02 00 00 03 03 00 18
Pg Pi Pi Pi 00 00 00 00 00 00 Dt Dt 3B 00 00 00 00 00 00 00 00 00 00 00 Cs
5d) The provider id for provider 30 is requested (IRDETO2)
01 02 03 03 03 00 3C
The card will respond with
01 02 00 00 03 03 01 18
Pg Pi Pi Pi 00 00 00 00 00 00 Dt Dt 3B 00 00 00 00 00 00 00 00 00 00 00 Cs
6) The card’s configuration is requested
01 02 08 03 00 00 37
The card will respond with
01 02 00 00 08 03 00 20
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Cs
6a) The card’s configuration is requested (IT**TO2 the card replys with 64 bytes)
01 02 08 03 00 00 37
The card will respond with
01 02 00 00 08 03 00 40
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Cs
7) The card’s card file 1 is requested
01 02 0E 02 00 00 30
The card will respond with
01 02 00 00 0E 02 00 40
( 64 Bytes of data) Cs
8) The card’s card file 2 is requested
01 02 0E 03 00 00 31
The card will respond with
01 02 00 00 0E 03 00 40
(64 Bytes of data) Cs
9) Enter home shopping pin (only on DSD720 & 720I IRD’s) Later versions utilizing interactive shopping.
01 02 0A 00 02 02 00 00 36
The card will respond with
01 02 50 00 0A 00 02 00 Cs
10) The IRD will now send public keys to be encrypted
01 02 11 00 00 40
( 64 bytes of data ) Cs
The card will respond with (Suspected that a RSA encryption is used) Used by banks for their networks and ATM machines data encryption.
01 02 58 00 11 00 00 40
(64 bytes of encrypted data) Cs
11) Send home shopping pin
01 02 0A 02 02 02 00 00 34
The card will respond with
01 02 5E 00 0A 02 02 00 Cs
12) The IRD will now send the cam key to be used
01 02 09 Kn 00 40
( 8 packets of 8 bytes to be used) Cs
The card will respond with
01 02 55 00 09 Kn 00 00 Cs
Kn: - Key number to extract out of message (packet of 8 bytes) 00 – 07
13) Now the IRD will start sending ECM’s and EMM’s to the card from the provider.
Cs: - Checksum All bytes xored and last xor with 0x3F
Co: - Country code
3x: - ASCII serial number
Hs: - Hex serial number
Pg: - Provider type
Pi: - Provider ID
Dt: - Date code
Kn: - CAM key number to be used
Structure and use of EMM’s
EMM commands: - Update of Masters keys
String composition.
01 01 00 00 00 LB
C3 Hs Hs Hs 00 Lb 62 03 Co Co Co 68 0D Pg 00 Mk Mk Mk Mk Mk Mk Mk Mk Pi Pi Pi S1 S2 S3 S4 S5 Cs
LB: - Length byte excluding checksum.
Lb: - Second length byte excluding checksum.
Hs: - Hex serial number.
62 03 Country code NANO
Co: - Country code
68 0D: - Master key update NANO
Pg: - Provider group. This sets the card for the provider ID to associate with this master key. This number is also sent to the IRD when the IRD requests the provider ID (after the length byte) (01 = Provider 00) (12 = Provider 10).
Normally the system uses 00 for provider 00 and 10 for provider 10.
Mk: - Master key (encrypted) Decrypt using the key decrypt algorithm.
Pi: - Provider ID
S1 – S5: - Signature calculated using the 10-byte hex master key.
Cs: - Checksum calculated starting with 0x3F and xoring the bytes with each other.
EMM commands: - Update of Plain keys
String composition.
01 01 00 00 00 LB
Pg Pi Pi Pi 00 Lb 40 02 Dt Dt 50 52 Pn Pk Pk Pk Pk Pk Pk Pk Pk Pn Pk Pk Pk Pk Pk Pk Pk Pk S1 S2 S3 S4 S5 Cs
LB: - Length byte excluding checksum.
Lb: - Second length byte excluding checksum.
Pg: - Provider Group that is addressed.
02(hex) This is normally used for provider 00
0A(hex) Provider Group 00 only first two bytes of address are used. (Used now)
Can be - 0000 0010 (bin) 02 (hex) Common address. (Normally used)
0000 1010(bin) 0A(hex) Provider 00 address if configuration is set to address
Provider 00 as if it is provider 10. (Used by SA system)
03(hex) This is normally used for provider 00
0B(hex) Provider ID 00 all three bytes of address are used. (Used now)
Can be - 0000 0011 (bin) 03 (hex) Common address.
0000 1011(bin) 0B(hex) Provider 00 address if configuration is set to address
Provider 00 as if it is provider 10. (Used by SA system)
0A(hex) This is normally used for provider 10
12(hex) Provider Group 10 only first two bytes of address are used. (Used now)
Can be - 0000 1010 (bin) 0A (hex) Common address.
0001 0010(bin) 12(hex) Provider 10 address if configuration is set to address
Provider 00 as if it is provider 10. (Used by SA system)
0B(hex) This is normally used for provider 10
13(hex) Provider ID 10 all three bytes of address are used. (Used now)
Can be - 0000 1011 (bin) 0B (hex) Common address.
0001 0011(bin) 13(hex) Provider 10 address if configuration is set to address
Provider 00 as if it is provider 10. (Used by SA system)
If Pg. = C3 (hex) 1100 0011(bin) The card is addressed by its hex serial number.
Pi: - Provider ID.
Dt: - Date code.
10 09: - Update 1 key NANO
50 52: - Update 2 key NANO
50 E4: - Update 4 key NANO
Pn: - Plain key number
Pk: - Plain key (encrypted) Decrypt using the key decrypt algorithm.
S1 – S5: - Signature.
Cs: - Checksum.
Structure and use of ECM’s
01 05 00 00 Kr LB
Cd Cd Pg Kn 00 Lb 00 02 Dt Dt 78 12 Kn Pn Sk Sk Sk Sk Sk Sk Sk Sk Sk Sk Sk Sk Sk Sk Sk Sk S1 S2 S3 S4 S5 Cs
LB: - Length byte excluding checksum.
Lb: - Second length byte excluding checksum.
Kr: - Key to return from ECM 02 = Two keys 00 = One key.
Cd: - Channel ID.
Pg: - Provider Group keys to use 10(hex) = Provider 00 20(hex) = Provider 10.
Kn: - Plain key number to use.
Dt: - Date code.
78 12: - ECM key NANO
Pn: - After decryption key i.e. (Key 1 or Key 2) to send back.
Sk: - Keys to decrypt 2 x 8 bytes.
S1 – S5: - Signature.
Cs: - Checksum.
Basic information
The IRDETO card contains the hexmaster key, ASCII serial number and hex serial number that is programmed in by the manufacturer.
When a person phones in to subscribe he reads the ASCII serial number to the operator. The operator then enters the number into a computer with a lookup table that will match the hex serial number to the ASCII serial number. The computer will now encrypt the master key with the hexmasterkey in the lookup table and setup the provider id and send it to the transmission station, the card will now receive this EMM and setup the provider id and save the decrypted master key.
The cards will still not work until an EMM message containing the plainkey is sent to the provider ID programmed into the card. The plainkey is decrypted using the decrypted masterkey.
The service provider must also send the channel ids to the card for the user to watch a certain channel.
The card will now decrypt the session keys in the ECM message using the decrypted plainkey. Then encrypt the sessionkey using the CAMKEY and send it to the CAM. The CAM will decrypt these keys and use them to descramble the raw data to rebuild the picture and sound and send the analog signal to a TV set.
The ECM is sent to the IRDETO card +/- every 15 seconds.
If ECM’s are sent slower this will enable the system to have more airtime to send EMM’s. This normally happens if masterkeys are being changed.
The EMM to update the plainkeys is sent +/- every 10 to 15 minutes.
The EMM to update the masterkey is sent +/- every 10 hours while the masterkey for that provider group is being changed. It normally happens every 3 weeks for 3 days
The provider can change the masterkeys, plainkeys and provider ID’s.
The system normally uses a common number as the masterkey. This number is then encrypted with the provider group and used as the masterkey for that group. Plainkeys are the same for all provider ID’s after being decrypted.
The signature must be calculated after decrypting the encrypted keys. The key used to decrypt with must be used to calculate the signature. The IRD uses the return codes from the card to display error messages on the screen.
If the plainkey is not valid you will get E30 Service is currently scrambled. If the masterkey is still valid this message will only be displayed until the plainkey is updated.
If the channel ID is not present or the timer has expired you will get E16 Service is currently scrambled.
If the provider ID for a bouquet is not programmed or enabled you will get E38 Service is currently scrambled.
The IRDETO card will not act on commands or save keys if the signature or checksum does not match.
IRDETO ALGO’S
IRDETO 2
The new version is somewhat different in that the messages sent to the cards are encrypted after the second length byte.
01 01 update commands
String composition.
01 01 00 00 00 LB
C3 Hs Hs Hs 00 Lb
B11 B12 B13 B14 B15 B16 B17 B18
B21 B22 B23 B24 B25 B26 B27 B28
B31 B32 B33 B34 B35 B36 B37 B38
S1 S2 S3 S4 S5 S6 S7 S8
Cs
The process is as follows ???
1) The signature is calculated.
2) The MK and PK’s are encrypted and put into the string.
3) The string is encrypted using the HMK for serial number addressed updates and the PMK for provider ID addressed updates.
4) I think the same algo’s are used for this encryption as what is used to encrypt the keys and the high part of the HEX SN and the PROV ID is used as the date code.
01 05 update command
01 05 00 00 02 LB
CH CH Pg Kn 00 Lb
B11 B12 B13 B14 B15 B16 B17 B18
B21 B22 B23 B24 B25 B26 B27 B28
B31 B32 B33 B34 B35 B36 B37 B38
B41 B42 B43 B44 B45 B46 B47 B48
S1 S2 S3 S4 S5 S6 S7 S8
Cs
The process is as follows ???
1) The signature is calculated.
2) The Session keys are encrypted and put into the string.
3) The string is encrypted using the PK.
4) I think the same algo’s are used for this encryption as what is used to encrypt the keys and the channel id is used as the date code.
Known facts
Table 1 is still the same.
The card crypt routine using the CAM key is still the same.
The Session keys are still 64 bit keys.
More on Irdeto:
starcomft@yahoo.com
z1gg33 (29-07-09)
| Look Here -> |
Well I don't know if I should thank you or question you but I must say as I was one of the first that saw this post and as others I cut and paste it as soon as I saw it in case it was deleted and will read and cheak it as soon I can. I am surprised that their is no comments and there is so many that will post for the sake of getting the post numbers up an yet no post so here for you is one.
KUBand taught us that stuff a long way back.
Here is another useless post...Originally Posted by Oscar
??
BlackDuck (15-04-10)
I see you are also trying to increase your post count with post like this. Maybe you should practice what you preach.
This and a lot more stuff can be found here. It's been here for a very long time. You didn't have to cut and paste anything.
No mate, Oscar's just telling you how it is, it isn't anybody here's fault your 5 years behind the times. There, do you want to add that to my post count?
Cheers
Ted (Al)
No I'm not 5 years behind as I said I was surprised that it received no comments but at least I got some. haha
I have all the docs but had to check if it was new or not but that is beside the point that I made.
What? There's only a time gap of 4 minutes between your post and the original poster.
Weirdo, that's err....12 hours and 4 minutes
Doh, where are my glasses lol
LOL I am always 5 years behind the times
Thanks for the post seeu and for the link to mate
When you do things right, people won't be sure that you have done anything at all
I thought it would become handy for some of you that read Moldavian forum and if you manage to get the tutorial from Mr besttt it would be even better.
I don’t have the privileges on that forum.
No prob B4L
All the best cu
LOL, what are you doing up so early bestie ?
The composition of the EMK string is the most interesting for me...
C3 Hs Hs Hs 00 Lb 62 03 Co Co Co 68 0D Pg 00 Mk Mk Mk Mk Mk Mk Mk Mk Pi Pi Pi S1 S2 S3 S4 S5 Cs
Would someone care to decipher the following Select EMK then ?
C36C6CCC00000030EADA0E10FF379BE4A60E19B24378FB9B76 2A4C4E7DE057AC796767393A9FB517F8DC6F4ED7F3FA016BB6 EB3D8B0C5626
No, it's not my HSN, it was picked randomly from a log yesterday...
Last edited by Hillsbysa; 26-04-09 at 11:22 AM.
All bestt has managed to do is trick the gamma card into entering update mode then sending it a partial update which it actually does not execute because he does not complete the update. He has grabbed different OS updates, mixed and matched them together. Because he never sends the final update finish command the gamma does not update it self. But what it does do is reset the card details area.
The card details string contained in his home brew .gam files is one from a working .gam created in Oct-2008. These details have never been killed off by nova. I wish they would thou. It would at least show how much of a fake he really is.
Have you noticed that he has not been able to reproduce a file for any of the other providers...
What would be better is some details on the C8 EMM. Then you could use your own STBs again.
LOL, what are you doing up so early bestie ?
The composition of the EMK string is the most interesting for me...
C3 Hs Hs Hs 00 Lb 62 03 Co Co Co 68 0D Pg 00 Mk Mk Mk Mk Mk Mk Mk Mk Pi Pi Pi S1 S2 S3 S4 S5 Cs
Would someone care to decipher the following Select EMK then ?
C36C6CCC00000030EADA0E10FF379BE4A60E19B24378FB9B76 2A4C4E7DE057AC796767393A9FB517F8DC6F4ED7F3FA016BB6 EB3D8B0C5626
No, it's not my HSN, it was picked randomly from a log yesterday...
Place I worked years ago, one of the blokes - we called him Adelaide.LOL I am always 5 years behind the times
)
He was always about 30 minutes behind everyone else.
* Bill Paxton is the only actor to be killed by Alien, a Terminator, and the Predator.
From Maldivian (4room)
To create 0201 cmd ...
To create the 0201 command you need to make in this format. "020100" is special instruction to gamma to receive an update string next two bytes tells gamma which 3DES key to use from possible 16 keys. For example 02010003 tells gamma to use the forth key. Its forth because starts from 0. example: 020100020048F4347C4D8FC5E3A29A67C67DD205.... here the gamma is told to use the third key because 020100002 (is 2 here starting from zero is 3rd key). Next is the length of the message. In this example is 48 (hex bytes). Next is the 8 byte DES cipher-block chained checksum (des-mac). This like digital signature. Next is 40 hex bytes of update message. Finally is the single byte CRC.
Re: To create 0201 cmd ...
Many people PM about how to create gamma update commands. Here is explain I put together for PMs
020100DKLNMMMMMMMMUSUL PAYLOAD CC
02 = Gamma update PDU
01 = CLA
00 = P1
DK = Index to 16byte Gamma update 3DES Key.
LN = Length of Message
MM = 8 Byte DES MAC
US = Update Selector (what to update)
For GSMK US = 01
For PMSK US = 02
For IV_PAD US = 03
For GMASK US = 04
For PMASK US = 05
For KEK US = 06
For COCO US = 08
For HSN US = 09
For ExiKey US = 0B
For AxiKey US = 0C
For ProviderID US = 10
For GroupKey US = 12
For ProductKey US = 13
For OS Erase US = 20
FOR OS Update US = 21
UL = Length of Update (for example for HSN UL = 03, for GMSK UL = 10, etc...)
PAYLOAD is the Update
CC = Message CRC or Checksum. Simply XOR message with 0x3F
OK to have multiple updates in one command.
Example:
020100DKLNMMMMMMMM0903HNHNHN0803COCOCO1003PIPIPICC
This command will update HSN (HN), Coco (CO) and Provider ID (PI) in one go.
The DES MAC is calculated by prepending an 8 octet confounder to the plaintext, performing a DES CBC-mode encryption on the result using the key and an initialization vector of zero, taking the last block of the ciphertext, prepending the same confounder and encrypting the pair using DES in cipher-block-chaining (CBC) mode using a a variant of the key, where the variant is computed by eXclusive-ORing the key
The message after LN is encrypted using the Triple DES mode CBC until the CC using 16 byte key in index DK
I thought the MAC was stuck on the end and not the beginning. Better go back and re-read the gamma source code
ag
Energy is the father of creation
yahoi!
yeah I agree with you agarol, back to the drawing board is the best solution! but who knows if the second part of the code addressing the gamma (PDU)is legit
regards
jawee
yep , r right
8 bytes mac at the end
first 8 bytes should compose nano message start and nanos of diff ird2 arguments
b.r
Posting Permissions
Bookmarks