[A51] Rainbow Tables

Jan Hrach jenda at yakumo.hrach.eu
Wed Aug 26 12:41:35 CEST 2015


Hello,

> But since
> for lookup I would require exactly the same round functions and I don't know
> exactly what round functions they have used for generation of the a51
> tables. So is there any way to know what round functions they have used, so
> that I can directly purchase the HDD from the site and integrate it to my
> lookup source code.

if this is still needed, you can find the extracted RFs from original Kraken at http://jenda.hrach.eu/gitweb/?p=deka;a=blob;f=tables.h;h=58babbb9bb3508a109751c842a9ef23a0146820c;hb=9d97e2152fcc5b2f5fb80ecf3af839976304f2b9 The first one is for table 100 and they go on up to 999 (yes, they repeat. I will compact it in the future)

Have a look at the rest of the source, for example libvankus.c, to see how they are used.

(by the way they can be generated algorithmically, it's somewhere in the Kraken source)


...speaking of which, the above header file is a part of deka, a portable A5/1 cracker written in OpenCL, designed as a drop-in replacement of Kraken which depends on unsupported Brook and runs only on ATI HD4/5/6xxx cards. There is still some work to do as I finished it today's night, but I have already cracked real GSM keys with it.
https://brmlab.cz/project/gsm/deka/start

> Whats the efficiency of the rainbow tables that you have provided..i mean suppose out of 100 calls hpw many should get detected?

I don't know the efficiency of Kraken's rainbow tables either! Better run some tests...

On 26.8.2015 11:39, Snehasish Kar wrote:
> hello Dean
> 
> Whats the efficiency of the rainbow tables that you have provided..i mean suppose out of 100 calls hpw many should get detected?
> 
>> Date: Wed, 15 Jul 2015 13:35:44 -0700
>> Subject: Re: [A51] Rainbow Tables
>> From: pierce403 at gmail.com
>> To: snehasish.cse at live.com
>> CC: yaniv.sharon at gmail.com; a51 at lists.srlabs.de
>>
>> I've never messed with generating my own tables, and I'm not sure what
>> settings were used to generate the tables found in the torrent. I
>> know that when I run kraken, I don't have to put in any special
>> parameters or anything.
>>
>> - DEAN
>>
>> On Wed, Jul 15, 2015 at 1:22 PM, Snehasish Kar <snehasish.cse at live.com> wrote:
>> > Dear Dean
>> >
>> > Actually I was trying to generate the tables by myself using the references
>> > of Dr. Nohl, but I dont have much computational power to generate the entire
>> > 1.8 TB rainbow table. I do have most of the parameters of kraken, like no of
>> > round function: 8, sub chain length: 2^12 and DP: last 12 bits 0. But since
>> > for lookup I would require exactly the same round functions and I don't know
>> > exactly what round functions they have used for generation of the a51
>> > tables. So is there any way to know what round functions they have used, so
>> > that I can directly purchase the HDD from the site and integrate it to my
>> > lookup source code.
>> >
>> >> Date: Wed, 15 Jul 2015 12:54:58 -0700
>> >> Subject: Re: [A51] Rainbow Tables
>> >> From: pierce403 at gmail.com
>> >> To: snehasish.cse at live.com
>> >> CC: yaniv.sharon at gmail.com; a51 at lists.srlabs.de
>> >
>> >>
>> >> So the scripts I wrote assume you have a 2 TB WD Passport target drive
>> >> plugged in, then it partitions it such that you have a 5 gig partition
>> >> up front (/dev/sdb1), and creates a blank partition behind that
>> >> (/dev/sdb2), where it injects the tables (as downloaded from the
>> >> torrent). The place_tables.sh script pretty much replaces Behemoth,
>> >> and uses TableConvert to place the tables directly, not even
>> >> generating the indexes (I just re-use the same indexes that I
>> >> generated the first time I ran the tool). It then moves over a
>> >> precompiled kraken binary which works on Kali, and instructions for
>> >> use.
>> >>
>> >> I wrote these scripts when I needed to make like 15 of these rainbow
>> >> table drives as quickly as possible (It took about 10 hours per
>> >> drive), which I sold (for the cost of the drive) at DEFCON last year
>> >> as part of the NSA Playset work we've been doing.
>> >>
>> >> - DEAN
>> >>
>> >> On Wed, Jul 15, 2015 at 11:52 AM, Snehasish Kar <snehasish.cse at live.com>
>> >> wrote:
>> >> > Hi Dean
>> >> >
>> >> > Do they provide support with the table parameters like, what is the
>> >> > chain-length,no of round functions and what round functions n are they
>> >> > using, so that I can integrate it with my own lookup code.
>> >> >
>> >> >> Date: Wed, 15 Jul 2015 11:26:49 -0700
>> >> >> From: pierce403 at gmail.com
>> >> >> To: yaniv.sharon at gmail.com
>> >> >> CC: A51 at lists.srlabs.de
>> >> >> Subject: Re: [A51] Rainbow Tables
>> >> >
>> >> >>
>> >> >> Hacker Warehouse sells a harddrive with the A5/1 tables and a set of
>> >> >> scripts I wrote to inject the tables and the required tools onto
>> >> >> another drive.
>> >> >>
>> >> >> http://hackerwarehouse.com/product/rainbow-tables-hdd/
>> >> >>
>> >> >> - DEAN
>> >> >>
>> >> >> On Wed, Jul 15, 2015 at 7:21 AM, Yaniv Sharon <yaniv.sharon at gmail.com>
>> >> >> wrote:
>> >> >> > Hello all…!
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> > Who can help me to get the Rainbow Tables [A5/1]
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> > ?
>> >> >> >
>> >> >> >
>> >> >> >
>> >> >> > Thnx
>> >> >> >
>> >> >> >
>> >> >> > _______________________________________________
>> >> >> > A51 mailing list
>> >> >> > A51 at lists.srlabs.de
>> >> >> > https://lists.srlabs.de/cgi-bin/mailman/listinfo/a51
>> >> >> >
>> >> >> _______________________________________________
>> >> >> A51 mailing list
>> >> >> A51 at lists.srlabs.de
>> >> >> https://lists.srlabs.de/cgi-bin/mailman/listinfo/a51
> 
> 
> _______________________________________________
> A51 mailing list
> A51 at lists.srlabs.de
> https://lists.srlabs.de/cgi-bin/mailman/listinfo/a51
> 


-- 
Jan Hrach, http://jenda.hrach.eu/
GPG CD98 5440 4372 0C6D 164D A24D F019 2F8E 6527 282E



More information about the A51 mailing list