Samsung CERT File Edit or Generate as per Our IMEI

[Fastunlocker Server]

When we Open A Samsung Phone CERT File in Notepad - We can See The Text Below

its Some Encrypted Code - And Some Hashes

Can We Decrypt it ?

or can We Create Our Own CERT Files by using Any Generator or AT Commands ...?

Can Anyone Tell me Which Type Of Encryption Used in CERT Files ?

Code:

;BST Samsung CERT file
;Please do not edit this file
[Cert]
Model=SM-A500F
IMEI=356317062038144
SerNo=00000000000
KeyID=0756
ImeiSign=649A6FE5C855FBE16FC7FFC2C050E64E2C311BD9AC52D6783419CA382B00FF6C0A3F0E17D972093BC6DE36C6EB0B9243CC25A87298322CF5A3C049CC917252B613014A97556EB63993BCE7306B3BED767B8E174A1FD46739241FFECEC577D0685CE07B0E128D72172C2860039E271527F9EA5E6FC23D8F46ACF7DC9ACC422CBC639131D0F65FBA5C64DCD7DCB2AE571FABB7ABBAFC77A0D9C85D376C1D2F7C8B7F1CC65E7027B26F23EC8153BBC3495C5028C4BC4B3051AEABA3986C5B501399CFABD96019BB7D5B9817CC307794898024E337F6E8B9DB343D0F9FB4F1E7B07DC9C783257905BAB95CD0692EB67DF11DCADFD810DE75C45AA5746097A46CC26E
PubKey=400000002979788CE7CC8EFAB3EFB0EDAE5ADA769BD9CD7EDE776DF7B8B7B3FF23CBD1D452B95AE0EE77478CAF999574951737F6CC648025BAAA82F478E4E573DBF7CDD8305D097549F12EFE9908DE7AAC7AB4D210AA744C910994B80A542B9F73B72B936501E1EAA87C034C0038CF05C183BD22A85C122D19D1B9D17E01FA4762B0A4AF7BD2F8921139776A632FB589AF79D487F4FF9B939F7BFE1A0780AA3F26C7294AA9A4358D5511D5627F4418AB9C86C019588709502CEE003394ECB46A03A97D9CB4DA2A87E90C4AB9ADCBF1AC6225E7D2380F1B01FCB398B948AD69EE233571F436B0DEDE0AB7DF867D9EAFDCAD0FC26EAE97EC97364AC5E38F44F2DF1B29EF429777C0C2368CDFFE72A39381A8DAE169F78ACBF312700F4777A06D189703A67076E050F68E0CED05E7058614547F9F7C66155784E64CAC54DC21146A6908F920848F45D759845546343B8D1039129F6CC3DFF9D36059DBBAC27A96454C928E1043DC9FDF5C18FA68FFEE49E35E50E4154A96FC5651F4C373A06E512FF71433DEEBED937C0C7AA728D7E929BE06672F7F4A41A8F0D42ACD3C5F4186E6F46003C849D9826598FBB513807A3985277AE84A0DC6E4C808B8A189B3F24D7F3FE9B2FC0EA608F44503D42F32BF85A58898291125C61F3CEC8AA98D42B5127A0A4CF2212EB349CCECCFCBF631168282A013DF1DC7548B77E4D1870A5656EA492DCDD2E46F8CAE8C
PubKeySign=605375548051AF380FB9086F0949C553F07DCE4E8627BCF8B4D352EAD6E6B70DBD9637640E0E4877384DDBBAC71930066E6B30CFAB6E27A4285CB42A363095B77CAA38292BCC6BB36BFDEED5DE03F29999DA5C34AF2FF92C3EC9B11E3BBD19DDD31D207B00A5FA0682C27BD2909284CDEBBEB5DB879C09BF27F3389CC06E045297DAF18DE791D43FCA83B4B2F5C99B85FB58A5E87C9AB5B5D7DE3E280DA9DFFD2D7ABFFF572BD511DE5EAC29114217C3F4C3F542843DCCF0F26C69F049AC8E38744961170C4BA8B22F96255C8AD7C7B985FD3FF26F72B92C6198048FD77C4020BA98AB3EDAD8BA18A66D649215F84C4B54C2E2199016299FDE18688C90864FA0

[adhitya_1978]

before i have made thread, nobody replied.
if looks below part

Quote:

ImeiSign=649A6FE5C855FBE16FC7FFC2C050E64E2C311BD9A C52D6783419CA382B00FF6C0A3F0E17D972093BC6DE36C6EB0 B9243CC25A87298322CF5A3C049CC917252B613014A97556EB 63993BCE7306B3BED767B8E174A1FD46739241FFECEC577D06 85CE07B0E128D72172C2860039E271527F9EA5E6FC23D8F46A CF7DC9ACC422CBC639131D0F65FBA5C64DCD7DCB2AE571FABB 7ABBAFC77A0D9C85D376C1D2F7C8B7F1CC65E7027B26F23EC8 153BBC3495C5028C4BC4B3051AEABA3986C5B501399CFABD96 019BB7D5B9817CC307794898024E337F6E8B9DB343D0F9FB4F 1E7B07DC9C783257905BAB95CD0692EB67DF11DCADFD810DE7 5C45AA5746097A46CC26E PubKey=400000002979788CE7CC8EFAB3EFB0EDAE5ADA769BD 9CD7EDE776DF7B8B7B3FF23CBD1D452B95AE0EE77478CAF999 574951737F6CC648025BAAA82F478E4E573DBF7CDD8305D097 549F12EFE9908DE7AAC7AB4D210AA744C910994B80A542B9F7 3B72B936501E1EAA87C034C0038CF05C183BD22A85C122D19D 1B9D17E01FA4762B0A4AF7BD2F8921139776A632FB589AF79D 487F4FF9B939F7BFE1A0780AA3F26C7294AA9A4358D5511D56 27F4418AB9C86C019588709502CEE003394ECB46A03A97D9CB 4DA2A87E90C4AB9ADCBF1AC6225E7D2380F1B01FCB398B948A D69EE233571F436B0DEDE0AB7DF867D9EAFDCAD0FC26EAE97E C97364AC5E38F44F2DF1B29EF429777C0C2368CDFFE72A3938 1A8DAE169F78ACBF312700F4777A06D189703A67076E050F68 E0CED05E7058614547F9F7C66155784E64CAC54DC21146A690 8F920848F45D759845546343B8D1039129F6CC3DFF9D36059D BBAC27A96454C928E1043DC9FDF5C18FA68FFEE49E35E50E41 54A96FC5651F4C373A06E512FF71433DEEBED937C0C7AA728D 7E929BE06672F7F4A41A8F0D42ACD3C5F4186E6F46003C849D 9826598FBB513807A3985277AE84A0DC6E4C808B8A189B3F24 D7F3FE9B2FC0EA608F44503D42F32BF85A58898291125C61F3 CEC8AA98D42B5127A0A4CF2212EB349CCECCFCBF631168282A 013DF1DC7548B77E4D1870A5656EA492DCDD2E46F8CAE8C PubKeySign=605375548051AF380FB9086F0949C553F07DCE4 E8627BCF8B4D352EAD6E6B70DBD9637640E0E4877384DDBBAC 71930066E6B30CFAB6E27A4285CB42A363095B77CAA38292BC C6BB36BFDEED5DE03F29999DA5C34AF2FF92C3EC9B11E3BBD1 9DDD31D207B00A5FA0682C27BD2909284CDEBBEB5DB879C09B F27F3389CC06E045297DAF18DE791D43FCA83B4B2F5C99B85F B58A5E87C9AB5B5D7DE3E280DA9DFFD2D7ABFFF572BD511DE5 EAC29114217C3F4C3F542843DCCF0F26C69F049AC8E3874496 1170C4BA8B22F96255C8AD7C7B985FD3FF26F72B92C6198048 FD77C4020BA98AB3EDAD8BA18A66D649215F84C4B54C2E2199 016299FDE18688C90864FA0

imei should be sign with digital sign
for verifying using Pubkey,before verfy the imei pubkey will verify first.
if not wrong.
but must know what algorithm used.

if somebody know.. which part inside the firmware will check the certificate, make easier to analyze.

[tego101]

ImeiSign , IMEI + SERIAL + CPU + BASEBAND

[KGM-peshawar]

no you can,t create cert , or not change with notepad

[Fastunlocker Server]

What is The Secret Behind CERT Files ?

[Brka]

There is no any secret, it's simple cryptography,
cert files are signed with PRIVATE keys, which only FACTORY HAVE.

You or anyone else don't have them, and CAN NOT create cert files without it.

Phone hardware check cert via public key decrypting, and if matches,
security is ok, imei ok, network ok, all ok.

b.r.
Alex

[tego101]

Quote:

Originally Posted by Brka

There is no any secret, it's simple cryptography,
cert files are signed with PRIVATE keys, which only FACTORY HAVE.

You or anyone else don't have them, and CAN NOT create cert files without it.

Phone hardware check cert via public key decrypting, and if matches,
security is ok, imei ok, network ok, all ok.

b.r.
Alex

Do they use special hardware / boxes?

Sent from my SM-N920W8 using Tapatalk

[..::AppleLinks::..]

Quote:

Originally Posted by Brka

There is no any secret, it's simple cryptography,
cert files are signed with PRIVATE keys, which only FACTORY HAVE.

You or anyone else don't have them, and CAN NOT create cert files without it.

Phone hardware check cert via public key decrypting, and if matches,
security is ok, imei ok, network ok, all ok.

b.r.
Alex

but in old times when Nokia dct4 phone was released.and was needed rpl file for professionals to repair imei.at that time no any team was succeeded.except the first team was Griffin team.they was giving rpl file from their severs with credits.
after that BB5 rpl was generating impossible.

if so some team work hard they can break Samsung cert security

[Mark-Zone]

Quote:

Originally Posted by ..::AppleLinks::..

but in old times when Nokia dct4 phone was released.and was needed rpl file for professionals to repair imei.at that time no any team was succeeded.except the first team was Griffin team.they was giving rpl file from their severs with credits.
after that BB5 rpl was generating impossible.

if so some team work hard they can break Samsung cert security

not so big deal, they had TDS-6, that's it

Samsung crt is RSA thing, maybe after 10 years, who knows

[228914]

Imei Cert Is RSA 512

in theory if it is possible to generate the certificates.
PrivKey, it generates pubkey
For pubkey decrypts the message
PrivKey generate the PubKey

Internet HTTPS:
User: MSG + PubKey = MSGencrypt
Server: MSGencrypt + PrivKey = MSG

Samsung
Mobile : Imei = ImeiSing + PubKey
Samsung: ImeiSing = Imei + PrivKey

It looks like can be used to encrypt both to decrypt the PrivKey, but only PrivKey Encrypts and decrypts the message and pubkey if encrypts, decrypts and not vice versa.

[adhitya_1978]

Based on firmware, there is Boot,System,recovery, etc..
if somebody know.
where is block of memory will keep the certificate on phone ?

i thinks the certificate will be verify first when boot up.

[Victor]

Absolutely wrong! Imei cert is rsa 2048.
And if we see in theory RSA key components:

1. Full pack key is:
- PRIVATE EXPONENT - named D
- PUBLIC EXPONENT - named E
- MODULUS - named N

this is also know as PRIVATE KEY.

2. PUBLIC KEY:
- PUBLIC EXPONENT - E
- MODULUS - N (same as private)

In RSA you can ENCRYPT also with PUBLIC KEY but this message is possible to be decrypted only with PRIVATE KEY.
If ENCRYPT with PRIVATE KEY this msg can be decrypted from PUBLIC and from PRIVATE KEY.

Quote:

Originally Posted by 228914

Imei Cert Is RSA 512

in theory if it is possible to generate the certificates.
PrivKey, it generates pubkey
For pubkey decrypts the message
PrivKey generate the PubKey

Internet HTTPS:
User: MSG + PubKey = MSGencrypt
Server: MSGencrypt + PrivKey = MSG

Samsung
Mobile : Imei = ImeiSing + PubKey
Samsung: ImeiSing = Imei + PrivKey

It looks like can be used to encrypt both to decrypt the PrivKey, but only PrivKey Encrypts and decrypts the message and pubkey if encrypts, decrypts and not vice versa.

[Victor]

Quote:

Originally Posted by adhitya_1978

Based on firmware, there is Boot,System,recovery, etc..
if somebody know.
where is block of memory will keep the certificate on phone ?

i thinks the certificate will be verify first when boot up.

"block of memory will keep the certificate on phone " - In nvdata.bin very well CRYPTED with SYMETRIC ALGORITHM and key is based to HARDWARE_ID on phone.

[mr.p3rfekt]

Quote:

Originally Posted by Victor

"block of memory will keep the certificate on phone " - In nvdata.bin very well CRYPTED with SYMETRIC ALGORITHM and key is based to HARDWARE_ID on phone.

So what's really needed for generating this?
a Super PC ? i can afford it.
a Super Net? already Have it.
maybe it needs more digging around.

i can't believing there is no one can crack this code, the makers was humans and i bet the crackers will be.

[Victor]

Quote:

Originally Posted by mr.p3rfekt

So what's really needed for generating this?
a Super PC ? i can afford it.
a Super Net? already Have it.
maybe it needs more digging around.

i can't believing there is no one can crack this code, the makers was humans and i bet the crackers will be.

Don't act as ***! World not finish with 1,2,3,5,..10 video cards. This is rsa 2048 bit. 768 bit key is factored for 4 years with 2 university clusters 400 machines each. Yes rsa is made by humans but will be cracked from humans? If want crack this crack Samsung vpn and stole key.