• Welcome to Valhalla Legends Archive.
 

X-SHA-1 Discussion

Started by iNsAnE-MS, October 14, 2003, 12:07 AM

Previous topic - Next topic

iNsAnE-MS

Is there somewhere or some way I can find out how battle.net's modified SHA-1 is different from the original?

Moonshine

#1
Look at how a bot's SHA-1 hashing function works, then look at the FIPS 180-1 (The real SHA-1 Standard), which is available here: http://www.itl.nist.gov/fipspubs/fip180-1.htm

Adron

Basically they mixed up the operands to the bit shifting/rotating functions. Instead of rotating X by Y, they rotate Y by X (for example, instead of rotating 0xbaaaad00 7 steps to the right, making 0175555A, they rotate 0x00000007 0xbaaaad00 steps to the right, making 0x00000007). You should notice that this most probably greatly reduces the security of the algorithm.

c0ol

Quote from: Adron on October 15, 2003, 05:42 PM
You should notice that this most probably greatly reduces the security of the algorithm.
Do you have any idea why this was done?

iago

Quote from: c0ol on October 21, 2003, 08:03 PM
Quote from: Adron on October 15, 2003, 05:42 PM
You should notice that this most probably greatly reduces the security of the algorithm.
Do you have any idea why this was done?

To make it harder to guess, I would imagine, so people can't just use an out-of-the-box SHA-1 algorithm
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


Yoni

Maybe they did it by mistake, which would be typical of Blizzard... (Although now that I think of it, not so typical of the "old" Blizzard programmers who wrote this code to begin with.) Nobody really knows why.

Adron

If they had a macro with two arguments to do the actual rotate, and the arguments weren't named properly, rotating the wrong thing would be an easy mistake to make. And you wouldn't notice it unless you either checked the output with a reference implementation or carefully traced the code and checked the intermediate values. Both generate a random-looking output.

c0ol

well if they wanted to use the standard SHA-1, wouldn't they just use a premade function?

Skywing

Quote from: c0ol on October 22, 2003, 05:01 PM
well if they wanted to use the standard SHA-1, wouldn't they just use a premade function?
Blizzard's had a long history of insisting on doing things "the hard way" by reinventing the wheel.  They've also had a long history of reinventing the wheel incorrectly, as in this case.

iago

Quote from: Skywing on October 22, 2003, 05:24 PM
Quote from: c0ol on October 22, 2003, 05:01 PM
well if they wanted to use the standard SHA-1, wouldn't they just use a premade function?
Blizzard's had a long history of insisting on doing things "the hard way" by reinventing the wheel.  They've also had a long history of reinventing the wheel incorrectly, as in this case.

Don't forget, they design their stuff to be platform-independant, so they'll often write their own to make sure it runs the same.

Not that that's an excuse for doing it the hard way, but eh? :)
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


Kp

Quote from: Yoni on October 22, 2003, 01:48 AM
Maybe they did it by mistake, which would be typical of Blizzard... (Although now that I think of it, not so typical of the "old" Blizzard programmers who wrote this code to begin with.) Nobody really knows why.
Actually, silly typo related mistakes abound in the old Blizzard code.  Diablo is a great example of this; to this day, the spell Flash does incorrect damage because someone typed '2' instead of '20' in one of the equations, and they refuse to fix it even though people have told them exactly where the flaw is.  Similarly, many perfectly functional bosses fail to appear because of mistakes in entering the appropriate dungeon level.
[19:20:23] (BotNet) <[vL]Kp> Any idiot can make a bot with CSB, and many do!

Skywing

Quote from: iago on October 22, 2003, 05:31 PM
Quote from: Skywing on October 22, 2003, 05:24 PM
Quote from: c0ol on October 22, 2003, 05:01 PM
well if they wanted to use the standard SHA-1, wouldn't they just use a premade function?
Blizzard's had a long history of insisting on doing things "the hard way" by reinventing the wheel.  They've also had a long history of reinventing the wheel incorrectly, as in this case.

Don't forget, they design their stuff to be platform-independant, so they'll often write their own to make sure it runs the same.

Not that that's an excuse for doing it the hard way, but eh? :)
Virtually all of these things had free implementations available that are much more portable than Blizzard's.

Oh, and don't forget their broken UTF-8 processing (violates standard and introduces security holes by processing redundant encodings).

Banana fanna fo fanna

How about the fact that I log on with Brood War using 0x07?

Skywing

Quote from: St0rm.iD on October 22, 2003, 07:26 PM
How about the fact that I log on with Brood War using 0x07?
That's being lazy, which is something completely different.  Someone who is lazy would probably not want to spend so much time writing things already written.