On Wed, Nov 14, 2012 at 1:05 PM, Andreas <[email protected]> wrote: > Dear friends of AES1660, > > > here you find my analysis of what is happening in the usb traffic between > win driver and AES1660: > > http://www.andreas-loos.com/AES1660.zip > > The zip contains virtually anything I know so far. Vasily asked for usb logs > with complete traffic that can be compared. For this, take for instance log > 2 (my favorite reference), log 5 and log 8. > > The good news is that many commands seem to be not encrypted like in AES2550 > (or was it AES2850?). To be CORRECT in detail: There *are* in fact lots of > encrypted commands, as Vasily remarks, but for them encryption is obviously > the same in each run. So I think, these parts can be easily reproduced as > black box. > > The bad news is that we still cannot switch the thing into raw mode or know > anything about the encryption. (Thanks for your helpful comments, Vasily! > You are probably right, keys are probably not transferred unencrypted and > the 583 byte thing is surely not a single long key.) > > Any ideas how to proceed? > > Best, > andreas
Look at log you've send to me, seq no 277, it's definitely non-encrypted data from sensor! 0x49, 0x44, 0x02 - envelope? 0x0d, 0x00, 0x00 - some multibyte command, no payload 0xe0, 0x22, 0x02 - E-data from sensor, 4 bit per pixel. Exact data starts from 0x22 byte, and looks like it's some 31-byte pattern: 2501 4892 a46d 93ec ff37 816c db7e 5b5a 1280 2449 da36 c9fe 7f13 c8b6 edb7 a5 Then after 0x222 bytes: 0xde, 0x10, 0x00 - histogram data After 0x10 bytes: 0xdf, 0x06, 0x00 - authentication message Regards Vasily _______________________________________________ fprint mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/fprint
