Proxmark3 community

Research, development and trades concerning the powerful Proxmark3 device.

Remember; sharing is caring. Bring something back to the community.


"Learn the tools of the trade the hard way." +Fravia

You are not logged in.

Announcement

Time changes and with it the technology
Proxmark3 @ discord

Users of this forum, please be aware that information stored on this site is not private.

Pages: 1

#1 2009-06-11 07:39:48

rfider
Member
Registered: 2009-01-04
Posts: 15

Confused PARITY bit

Here are a peace of multiple-section authentication trace caught by PROXMARK

+  46339:    :     8e  93  f4  b0      !crc
+    113:   0: TAG f2  3b  6f  5a!   
+   1407:    :     25  44  85  86  7e  de  ad  9a      !crc
+     64:   0: TAG dd! 26! 35! 2a!  

key:
2A9E0E770EFF
uid:
d4b48109

ciphertext:
8e93f4b0
f23b6f5a
25448586 7edead9a
dd26352a

plaintext:
6008BDF7
7E6E5D73
AF491DE5 F3B13E3E
872FEAB0

there are two questions about the PARITY bit
1.why I can not get Reader's parity bits?

2.I don't really understand the way to calculate parity bits
take the nT above for example:

plaintext:
   7   E    6   E    5   D    7   3
01111110 01101110 01011101 01110011
        1        0        0        0

ciphertext:
   f   2    3   b    6   f    5   a
11110010 00111011 01101111 01011010
        0        0        1        1

keystream:
10001100 01010101 00110010 00101001

as mentioned,
parity bits are computed over the plaintext instead of over the ciphertext
and
parity bits are encrypted with the same bit of keystream that encrypts the first bit of the next byte of plaintext

so I guess the bits sent in the air are

11110010 1(1 XOR 0)
00111011 0(0 XOR 0)
01101111 0(0 XOR 0)
01011010 1(0 XOR 1, the next bit of keystream)

then i get the parity bits

plaintext:
1000
ciphertext:
0011
sent in air:
1001

f2  3b  6f  5a!

but there is only an exclamation on last byte, so what did the exclamation really mean?

Offline

#2 2009-06-11 08:36:43

rule
Member
Registered: 2008-05-21
Posts: 417

Re: Confused PARITY bit

I hope this explanation helps wink

ciphertext:
   f   2    3   b    6   f    5   a  |    2   5
11110010 00111011 01101111 01011010  | 00100101
        0        0        1        1 |         0

plaintext:
   7   E    6   E    5   D    7   3  |    A   F
01111110 01101110 01011101 01110011  | 10101111
        1        0        0        0 |         1

keystream:
10001100 01010101 00110010 00101001  | 10001010
         _______/ _______/ _______/ __________/
        /        /        /        / |
        1        0        1        0 |

Parity information for the transmitted data:
  plaintext: 1000
  keystream: 1010
             ----
sent in air: 0010 \___ only last bit has an incorrect parity (ISO14443-A), therefor the '!'
 ciphertext: 0011 /

Offline

#3 2009-06-11 10:09:31

rfider
Member
Registered: 2009-01-04
Posts: 15

Re: Confused PARITY bit

So, each bits of the bytes are sending in the reverse order.

I was not paying attention to it.

It helps me a lot:)

Besides, do you know why my PROXMARK can not get READER's parity bit(there is not any "!" in Reader's data)?

Offline

#4 2009-06-11 11:22:10

rule
Member
Registered: 2008-05-21
Posts: 417

Re: Confused PARITY bit

rfider wrote:

So, each bits of the bytes are sending in the reverse order.

Yes, the ISO14443-A describes this process. Each byte is transmitted in reversed order and appended with 1 bit containing the parity information.

rfider wrote:

Besides, do you know why my PROXMARK can not get READER's parity bit(there is not any "!" in Reader's data)?

I have no idea how this is possible, I have never seen this problem before.
Maybe you have changed important parts of the firmware? Or did you changed the GUI code?

Offline

Pages: 1

Board footer

Powered by FluxBB