First of all, hi to all of you. I got a new iPod, and thought it would be cool to have Linux on it, so I investigated and ended up here.

I've read the late part of your mailing list, and this is what you've come up with (added with some of my own conclusions from what you and the ipodlinux site have written): (Please correct everything that's wrong)

=== Game ===

It could be possible to make a game that extracts the RAM, which somehow makes it possible to get the encryption.

=== Cipher ===

You've concluded that it doesn't use a stream cipher because of the XOR attack (or whatever it's called). Thus it's a block cipher, which is very hard to crack.

=== The key ===

There's some kind of key or checksum at the start of each firmware file. It could be the key of the cipher, but that could again mean it's a stream cipher, but it could as well be a block cipher. It could also be a checksum, but if I remember correctly what someone wrote in the documentation, someone changed some data in a file, and it still booted. If that is true, then it can't be a checksum. So it can be the key, or garbage. Also, we don't know why there are two 20 byte fields.

=== iTunes ===

iTunes only downloads the firmware and writes it to the iPod when upgrading firmware. The iPod then loads the aupd.fw file, decrypts it and stores it in the EPROM. This is true for all iPods.

=== EPROM ===

Can't we load Linux on an older iPod, read the EPROM, and then compare it against the aupd.fw file? Wouldn't that give us the input and the output (assuming that it's using the same cipher)? And if it is the key we got in the header of the file, then it's only the cipher type that's missing... Is the cipher type hard to find?

Niklas Ulvinge

_______________________________________________
Linux4nano-dev mailing list
[email protected]
https://mail.gna.org/listinfo/linux4nano-dev
http://www.linux4nano.org
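The "XOR attack" the post refers to is the classic keystream-reuse check: if two files are encrypted under the same key with a stream cipher, then plaintext XOR ciphertext gives the same keystream for both (equivalently, c1 XOR c2 equals p1 XOR p2), while a block cipher in a chaining mode does not behave this way. The following is an added illustration, not code from the original post or the linux4nano project; the iPod's real cipher and key are unknown, so it uses constructed toy ciphers (SHA-256 counter keystream, a small Feistel block cipher in CBC mode) and constructed sample "firmware" plaintexts to show how the known-plaintext comparison from the EPROM idea would distinguish the two cases.

```python
import hashlib


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncated to the shorter length."""
    return bytes(x ^ y for x, y in zip(a, b))


def toy_keystream(key: bytes, length: int) -> bytes:
    """Constructed toy keystream: SHA-256 in counter mode (stand-in for an unknown stream cipher)."""
    out, ctr = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:length]


def stream_encrypt(key: bytes, pt: bytes) -> bytes:
    """Stream cipher: plaintext XOR keystream; the same key always yields the same keystream."""
    return xor_bytes(pt, toy_keystream(key, len(pt)))


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Constructed 16-byte Feistel block cipher with SHA-256 as the round function."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:8]
        left, right = right, xor_bytes(left, f)
    return left + right


def cbc_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    """Block cipher in CBC mode; plaintext must be a multiple of 16 bytes."""
    assert len(pt) % 16 == 0, "plaintext must be block-aligned"
    prev, out = iv, b""
    for i in range(0, len(pt), 16):
        prev = toy_block_encrypt(key, xor_bytes(pt[i:i + 16], prev))
        out += prev
    return out


def keystream_reuse_check(p1: bytes, c1: bytes, p2: bytes, c2: bytes) -> bool:
    """True if both known plaintext/ciphertext pairs expose the same keystream (p XOR c),
    i.e. the data is consistent with a stream cipher reusing one keystream."""
    n = min(len(p1), len(c1), len(p2), len(c2))
    return xor_bytes(p1[:n], c1[:n]) == xor_bytes(p2[:n], c2[:n])


# Constructed sample inputs: two 64-byte "firmware images" under one constructed key.
KEY = b"constructed-key"
IV = bytes(16)
FW_A = b"firmware image A" * 4
FW_B = b"firmware image B" * 4
```

With `FW_A`/`FW_B` the check returns True for `stream_encrypt` and False for `cbc_encrypt`, which is exactly the distinction the list used to rule out a stream cipher.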
