|
Welcome to the GSM-Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. Only registered members may post questions, contact other members or search our database of over 8 million posts. Registration is fast, simple and absolutely free so please - Click to REGISTER! If you have any problems with the registration process or your account login, please contact contact us . |
|
Register | FAQ | Donate | Forum Rules | Root any Device | ★iPhone Unlock★ | ★ Direct Codes ★ | Direct Unlock Source | Today's Posts | Search |
GSM Programming & Reverse Engineering Here you can post all Kind of GSM Programming and Reverse Engineering tools and Secrets. |
| LinkBack | Thread Tools | Display Modes |
12-26-2013, 20:05 | #1 (permalink) |
Freak Poster Join Date: Dec 2009 Location: EU
Posts: 435
Member: 1178861 Status: Offline Sonork: 100.1590268 Thanks Meter: 60 | Nokia SL3 with CPLD idea Both are CoolRunner-II, one XC2C64 (Mtx Infinity 2), and other one XC2C128 (TX DGX v1.1). They have JTAG port and can be reprogrammed without problems. I saw some ideas about using FPGA or ASIC for SHA1 BF, which reminded me of these two I got. Technically, it is possible to program it to calculate SHA1 hash, but how fast it would be? Did anyone try, to share thoughts and experience? BR, Blagus |
12-26-2013, 21:30 | #2 (permalink) |
Freak Poster Join Date: Dec 2009 Location: EU
Posts: 435
Member: 1178861 Status: Offline Sonork: 100.1590268 Thanks Meter: 60 | I've just made some quick calculations, based on ighashgpu table, bitcoin FPGA experience and simple maths. Nokia SL3 has a total of 10^15 combinations. 1) When compared to some of the fastest bitcoin FPGA setups, which perform more complex maths - double SHA-256 compared to our SHA1: Let's say that FPGA has the speed of 60G/sec, at double SHA-256 hash bruteforcing. 60G = 60*10^9/sec The time required to cycle out every possible SL3 combination: 10^15 / (60*10^9) = 16666,67 sec = 277,77 min = 4,629 h = 4h 37min I won't get into how faster it would be with SHA1, these numbers are for double SHA-256. 2) Now, let's take a decent, low end PC (for a bruteforcer), for example, overclocked 4870, which would give ~1G/sec: 1000M = 1G = 10^9/sec Time = 10^15 / 10^9 = 10^6 sec = 16666,67 min = 277,77 h = 11,57 days 3) Goal would be to get close to BF-freaks on this forum who get 10G+/sec with 3x or 4xHD7970. 10 000M = 10G = 10*10^9/sec Time = 10^15 / (10*10^9) = 100k sec = 1666,67 min = 27,7 h = 1,16 days Even better - double speed, half time: 20G= 20*10^9/sec Time= 10^15 / (20*10^9) = 50k sec = 833,33 min = 13,89h = 13h 53min. Keep in mind the extra low power consumption of CPLD - a couple of watts compared to several hundred watts of a regular PC. |
12-26-2013, 23:24 | #5 (permalink) |
Freak Poster Join Date: Dec 2009 Location: EU
Posts: 435
Member: 1178861 Status: Offline Sonork: 100.1590268 Thanks Meter: 60 | So, we all have been fooled by the description of SL3 hash being SHA1($pass.$salt). All of the codes calculated and entered to phone are actually fake. This all is just a glitch in the Matrix! Back to the topic, I think I'll just write some code that will SHA1 all 10^15 combinations and blink the LED on each 10G combos processed just for the performance test. I took a look at the SL3 FPGA code, it isn't complex at all - store the hash and salt into a few registers, then go through all combos, append salt and compare to the original hash. If it matches, send it to PC via JTAG. |
12-28-2013, 06:45 | #6 (permalink) |
No Life Poster Join Date: Dec 2007
Posts: 7,598
Member: 651945 Status: Offline Thanks Meter: 20,118 | @blagus I did this some years ago using virtex 4 and realized that it is still cheaper to just use video cards gpu. Also making PCB for BGA with 400+ pins is a nightmare. You cannot even fit 1 sha-1 core in your coolrunner cplds, they are too "small" and does not have enough macrocells. The only way to beat the GPUs is to make custom SL3 asic. |
12-28-2013, 19:06 | #7 (permalink) | |
Freak Poster Join Date: Dec 2009 Location: EU
Posts: 435
Member: 1178861 Status: Offline Sonork: 100.1590268 Thanks Meter: 60 | Quote:
The PCB itself isn't a problem, XBox360 RGH solution is on a small board, QFP package, with JTAG pin-header. But, you say that it's too small for SHA1 code, so I'll forget about CPLD. Can you give me some details about how much macrocells/memory should a CPLD/FPGA have for SL3 calculation? I've actually just started learning about these devices, and SHA1 calculation isn't really a complex task, so I'd like to get something capable of doing it. I have just two SL3 phones that are just fine now, sim-locked, but if I could unlock them and learn something along, it would be nice. Of course, I wouldn't ruin (your) SL3 market, something with 2-3G/s (FPGA speed I found on this forum) can't catch up with 4x7970 *******s calculating >14G/s. | |
12-28-2013, 23:15 | #8 (permalink) |
No Life Poster Join Date: Aug 2008 Location: The Matrix :) Age: 36
Posts: 654
Member: 833760 Status: Offline Sonork: 100.1597150 Thanks Meter: 114 | Application specific chip is the best option for you only need a lot of money and some people with extraordinary knowledge based on mathematics and crypto. Try to google for litecoin or bitcoin asics/fpga research topics. We can't compare LTC scrypt or sha256 with our SHA1 problem but you can clearly see how hard to develop an application specific device. |
12-29-2013, 11:56 | #9 (permalink) | |
No Life Poster Join Date: Apr 2004
Posts: 753
Member: 61389 Status: Offline Thanks Meter: 193 | Quote:
https://en.bitcoin.it/wiki/ZTEX_FPGA...Bitcoin_Mining ohh and almost forgot the ******* is this board not the 4x7970 https://en.bitcoin.it/wiki/Xtreme_Miners_Lion | |
The Following User Says Thank You to jodge For This Useful Post: |
12-29-2013, 11:58 | #10 (permalink) | |
No Life Poster Join Date: Feb 2000 Location: UK
Posts: 3,186
Member: 1024 Status: Offline Thanks Meter: 5,510 | Quote:
USB-FPGA Module 1.15x: Spartan 6 LX150 FPGA Board with USB 2.0 Microcontroller https://github.com/fpgaminer/sha1_collider Hope this helps. BR | |
12-30-2013, 20:10 | #12 (permalink) | |
Freak Poster Join Date: Dec 2009 Location: EU
Posts: 435
Member: 1178861 Status: Offline Sonork: 100.1590268 Thanks Meter: 60 | Thanks for all the input guys. I took a look at Spartan 6 SHA1 code, and it doesn't fit my pocket - but I won't quit, if I manage to do something on some cheap FPGA board I'll let you know Quote:
10TH would be a bit better as it gives you 115,7 days but it's still too much. To make it reasonable you'd need something capable of 100TH/s to get 11,57 days, and the only thing that could do it would be some very optimized ASIC design. | |
The Following User Says Thank You to blagus For This Useful Post: |
12-30-2013, 20:26 | #13 (permalink) | |
Moderator Join Date: Jun 1999 Location: Serbia Age: 48
Posts: 8,211
Member: 163 Status: Offline Thanks Meter: 7,789 | Quote:
... if somebody manage to write some code for it + some Raspberry PI or something, as controller for them ... And about those "TeraHash" values ... don't dream too much. In fact, sl3 is not much different than sha-256/double round, but would require customized ASIC, none of existing cant be used. b.r. Alex | |
Bookmarks |
| |
|