Raistlin
11-06-2002, 04:10 PM
"Give a man a fish and he can eat for a day, Teach a man to fish and he can eat for a lifetime."
Ok, i'm going to go ahead and take off the flame retardant suit and step up on the podium with a big red target painted on my chest. Go ahead and fire. Feel free to use this as the encryption stupid faq thread that you guys need...
Please correct me when (not if) and where i'm wrong here, i'm trying to get a handle on how the encryption scheme in EQ works now a days so that I know WHAT the problem is. I find it easier to discuss the merits / detriments of ideas when I understand what the problem that needs fixed is first.
The way I understand the EQ encryption to now work is as follows:
1) Client Generates a Public/Private Key sequence. (client now holds CPriv - Client Private Key, and CPub - Client Public Key).
2) Client sends Server CPub (Client Public Key) - Client now holds CPriv and CPub, server now holds CPub. (Question: Wouldn't cpub have to go across the wire unencrypted? Not that this does us that much good.)
3) Server Generates Public/Private key sequence for server.
Client contains CPub, CPriv. Server contains CPub, SPub, SPriv.
4) Server encrypts SPub with CPub and sends Spub to client - Client contains CPub, CPriv, Encrypted SPub. Server Contains CPub, SPub, SPriv.
5) Client decrypts SPub using CPriv to obtain SPub. Client now contains CPub, CPriv, SPub. Server Contains CPub, SPub, SPriv.
6) Client/Server communication continues with packets being encrypted on Client using CPriv and decripted on server using CPub. And Server packets encrypted using SPriv, and decrypted using SPub.
Here's where I have questions. Is it CPriv or SPub that is used by the client to encrypt it's data? Or conversely is it CPub that the server uses to decrypt client data or SPriv?
Anyway, by my estimation the only key that ever crossed the wire that we can get ahold of is the key we could use to get data FROM the client to the server, not visa versa. The key we need to decrypt the information sent from the server never crossed the wire, meaning that the only way for SEQ to decrypt the data is to tell SEQ what either CPriv or SPub is (depending on the question above). Since it never goes across the wire in a format we could break, there's no way that SEQ can be maintained passive.
The next thing is that CPriv/CPub and SPriv/SPub are re-generated each time you zone. Therefor it's not a one time crack / load of the game...it's a crack each time you zone...
Ok, I know i'm missing alot here, so teach me to fish guys. Where am I wrong above? I know "session key" is mentioned alot, and I'm pretty sure this is another key that is used in some way to encrypt step 2 so that NO key goes across the wire unencrypted.
Go ahead, shoot your arrows, sling your stones...but teach me what i'm doing wrong. I could go out to the net and look at a 1500 page whitepaper on PKI/Encryption and burn out my retinas and bore myself to tears with theoretical discussions of mathimatical algorithms that I have no hope of understanding...or I can ask for the cliff notes version of those papers...that's what this is.
-Raistlin
Ok, i'm going to go ahead and take off the flame retardant suit and step up on the podium with a big red target painted on my chest. Go ahead and fire. Feel free to use this as the encryption stupid faq thread that you guys need...
Please correct me when (not if) and where i'm wrong here, i'm trying to get a handle on how the encryption scheme in EQ works now a days so that I know WHAT the problem is. I find it easier to discuss the merits / detriments of ideas when I understand what the problem that needs fixed is first.
The way I understand the EQ encryption to now work is as follows:
1) Client Generates a Public/Private Key sequence. (client now holds CPriv - Client Private Key, and CPub - Client Public Key).
2) Client sends Server CPub (Client Public Key) - Client now holds CPriv and CPub, server now holds CPub. (Question: Wouldn't cpub have to go across the wire unencrypted? Not that this does us that much good.)
3) Server Generates Public/Private key sequence for server.
Client contains CPub, CPriv. Server contains CPub, SPub, SPriv.
4) Server encrypts SPub with CPub and sends Spub to client - Client contains CPub, CPriv, Encrypted SPub. Server Contains CPub, SPub, SPriv.
5) Client decrypts SPub using CPriv to obtain SPub. Client now contains CPub, CPriv, SPub. Server Contains CPub, SPub, SPriv.
6) Client/Server communication continues with packets being encrypted on Client using CPriv and decripted on server using CPub. And Server packets encrypted using SPriv, and decrypted using SPub.
Here's where I have questions. Is it CPriv or SPub that is used by the client to encrypt it's data? Or conversely is it CPub that the server uses to decrypt client data or SPriv?
Anyway, by my estimation the only key that ever crossed the wire that we can get ahold of is the key we could use to get data FROM the client to the server, not visa versa. The key we need to decrypt the information sent from the server never crossed the wire, meaning that the only way for SEQ to decrypt the data is to tell SEQ what either CPriv or SPub is (depending on the question above). Since it never goes across the wire in a format we could break, there's no way that SEQ can be maintained passive.
The next thing is that CPriv/CPub and SPriv/SPub are re-generated each time you zone. Therefor it's not a one time crack / load of the game...it's a crack each time you zone...
Ok, I know i'm missing alot here, so teach me to fish guys. Where am I wrong above? I know "session key" is mentioned alot, and I'm pretty sure this is another key that is used in some way to encrypt step 2 so that NO key goes across the wire unencrypted.
Go ahead, shoot your arrows, sling your stones...but teach me what i'm doing wrong. I could go out to the net and look at a 1500 page whitepaper on PKI/Encryption and burn out my retinas and bore myself to tears with theoretical discussions of mathimatical algorithms that I have no hope of understanding...or I can ask for the cliff notes version of those papers...that's what this is.
-Raistlin