Nagra Hex Block Decryption Research

Hi guys, does anybody already know how dCWPK is generated (on receiver or card)?

There is a lot of false or just useless information that goes nowhere, but anyway this is what I have discovered and tested so far about CAK6.3 and CWPK.

You need to send the NUID to CMD2A to be able to receive the CW (encrypted by 3DES); without this, no CW is received on some or all HD channels.
This is an example of CMD2A:
A0 CA 00 00 1E 2A 1C 00 FF FF FF FF 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 22 11 42

A0 CA 00 00 => Header
1E => All Size without Header
2A => Command
1C => Data Size
00 => ?? (unknown)
FF FF FF FF => NUID
00 08 => OTP-CSC (maybe?)
00 00 => OTA-CSC (maybe?)
00 00 00 00 00 00 00 00 => ?? (unknown)
00 00 00 00 00 00 00 00 => ?? (unknown)
00 => ?? (unknown)
22 11 => Provider ID
42 => Expected Response Size


After a lot of tests I discovered:
CWPK only changes if the NUID is changed.
OTP-CSC or OTA-CSC needs to be filled to enable CWPK; if both are 00, CWPK will not be enabled.
Changing the Provider ID or filling the ?? data with random values does not make any difference in CWPK.

All tests were performed on a DNASP142 RevG13
i didn't dig deep into how exactly it works, but basically in my opinion it is just a matter of the otp key

in my opinion provider A has root key AABBFF and its smartcards have the same key

now when a provider A smartcard receives nuid BBAACCFF it calculates the SCK key from BBAACCFF+AABBFF = ECW encrypt dcw with sck calculated from the obfuscated BBAACCFF+AABBFF value

on the stb side the cpu calculates the same sck key from BBAACCFF+AABBFF, it just does ecw decrypt, whereas the smartcard does dcw encrypt

now provider B does exactly the same with one exception - a different otp key:

root key CCBBAA:

FFDDAACC+CCBBAA = ECW encrypt dcw smartcard side and dcw decrypt stb cpu side

it is so-called global dcw pairing, closed to 1 provider
it is tied to 1 provider because the obfuscated sck values have been calculated from a unique otp key, so even if you send a provider A nuid to a provider B smartcard it would calculate a wrong ecw for you, because the sck calculated from the otp_key would not match
 
ooops seems there will be new 4k nagra provider in poland with latest rom450 smartcard and longer ecm: :p

1870:

8030 A605A400 34625D129F349B4D54FCBF66EF0CD5A506123D2EFA4C4A81646668AC5B82CF17ED98AE90B4AD159C9ADF76D4FCBE5E6A7C43690B0D31A508633ABC74E8093B3232FF09C737DD36639D9B31A5DBB9EEB9077A45E4E062D2AD64950E35371AE37D37EF3894E40F10DBF1A56463D5456C67B696BE21E207CBDE1CC9AA3B28C9F5F0F968AA177E42F466CBF5F9F260FCC9BDB11B54B2139F66281C297246DE82093384E848
8130 A605A400 FF1E7B046BCB84A030AE865C09B38A02501FDA961FF72E5986AB24804B3E973BE6ACC3B1783F57AC73653CAA04EAAD4CCBB6C1943BB0B840FFA42FAAB7C4D2FD3AFA6372842C501C8BE89A5062AC6295F09D1A8EBC73252A9CC4BF2C9EDAEE3DB15951FF337B7E648E24C7B368E99ABE9343F1C214DD05BA865115A7DDE2A14B9818DF261F775EC328FFB3412EFA3C98F84F5430A0E6FA2DB2292AA9A238280538A41E

8030 (A6 len). (05:nano payload). A4:payload len 00 we have also new nano 05 there
Is very easy fix new ecm on oscam... 😁
 
well i don't think so
of course we could just imagine there now, but in my opinion a longer ecm meant more encryption processing
although maybe the kudelski bonus is not activated in tivushit r450 yet 😂
 
You're wrong, this has nothing new; you only need to do some tricks to get ecm with ecw
 
Tivusat DNASP450 card reply with flag5c
 
On the STB side, the key is not calculated, it's decrypted.
The key is generated in the factory and written to the STB, like the other keys inside.
 
you have decrypted ecwpk keys from stb flash or from stb-emm by using the result of the otp_key+nuid calculation, which is usually known as the sck key
you are talking about flash keys, me about cpu keys
these keys or key are calculated inside the cpu and used to decrypt ecwpk; it is not outside, so this is the stb side, and this is a calculation which supposedly includes decryption or encryption and also de-obfuscation. we didn't know the exact formula, just some notes from public keyladder papers

@Benfica
don't see your quote:
 
(ecm) get cw for ecm:2021/05/18 18:03:47 4B759F3E c (ecm) 80 30 A6 05 A - Pastebin.com
 
Explain more about your problem.
Do you have a dump to analyze?
friend, I'm a bit curious and I've been looking for solutions, but I need help because I'm a bit too distracted to focus full time on the topic. I have a dump to see what it reveals
 
What information are you missing? The eCWPK is usually in block 97 in the flash in the case of OTP-CSC. Or it uses OTA-CSC and then the eCWPK is transmitted in an 18FE transmission. The card only receives the receiver number and instructions on what to do inside the ECM; it already has the command. Maybe you can check the HD+ explanation. The SoC has the keyladder mechanism and, of course, a root key.
at the end of the process it asks for an xxx.log file; can you help me with one to test
 
you have decrypted ecwpk keys from stb flash or from stb-emm using the result of the otp_key + nuid calculation, which is generally known as the sck key
you are talking about flash keys, me about cpu keys
these keys or key are calculated inside the CPU and are used to decrypt ecwpk; it is not outside, so this is the stb side, and this is a calculation that supposedly includes decryption or encryption and also deobfuscation. we didn't know the exact formula, just some notes from the public keyladder papers

@Benfica
don't see your quote:
me neither
 
Hello everyone
I am going to open this topic after I have spoken and asked permission from an admin
to be able to continue our research topic.
We can talk and learn from everyone about this topic.
For those interested please, no insults and keep calm always so we can have a normal conversation
in this topic please like adults,
this way we will guarantee the continuity of this study topic for those interested to give and learn.

So many changes have been made lately in crypto systems.
Who has studied the various new blocks that have appeared?
For example block 0370: who has already burned their brains studying it?
As I saw, it has 370 bytes, so maybe something is hidden in it that we already know from the past?

Greetings to everyone
hello group my contribution

I am sharing information extracted from 2 STBs of different reference, ED-SA88 with ALi processor. In the menu it indicates a verification code that shows the STB ID in decimal, the card number, and a 16_bis code
       N° STB         N° CARD        16_bis code
STB_1: 2251608257_59  0000000000_00  366F-E8E0-2989-5D14-331A-2370-3828-FC53
STB_2: 2253589201_10  0000000000_00  A356-0D73-2233-851D-8D61-4885-511E-B62F
the fields showing 000000000000 are because the card is not installed; I insert the cards and they look like this
       N° STB         N° CARD        16_bis code
STB_1: 2251608257_59  2294919068_88  9994-F83C-27BD-0912-C621-1DC7-B867-1168
STB_2: 2253589201_10  2409294971_83  2C45-6172-3B30-265C-D438-3161-BAEA-E9A0
I do these steps without the tuner connected. As soon as I connect it, this 16_bis code varies partially; I go back and remove the tuner and the same code remains, so I restart the STB
MY QUESTION: WILL THIS BE THE CWPK, OR THE CALCULATION NEEDED TO DECRYPT THE E_CWPK THAT THE BLOCK BRINGS, 0x00000097 ------ 0x000008E3?
I took the trouble and destroyed another one: I extracted the BGA 63 and the information does not show blocks 0000016c, 00000097; I find blocks 00000730 and 000008E3
does someone know how to interpret block 00000730?
I REPEAT, STB WITH ALi PROCESSOR. THANKS FOR YOUR ATTENTION
 
I think you're a little confused! There is no block 0730, look for your ird + 03 03.
 