Differences

This shows you the differences between two versions of the page.

--- project:gsm:deka:start [2016/08/27 05:56] – [Attack in a nutshell] jenda
+++ project:gsm:deka:start [2022/03/25 19:42] (current) – [Attack in a nutshell] update link jenda
@@ Line 2: / Line 2: @@
 ====== Deka - an OpenCL A5/1 cracker ======
-Deka is a fast, free and portable A5/1 (that's the cipher used in mobile phones) cracker written in OpenCL. Thanks to efficient use of vector instructions and hard-drive NCQ, the Kc key on a real-world GSM network can usually be recovered in 5-60 seconds depending on network security, signal quality etc. (test machine is a high-end desktop: 8 core AMD FX-8150, 32 GB RAM, 3x ATI HD 7970, 4x ADATA SX900)
+Deka is a fast, free and portable A5/1 (that's the cipher used in mobile phones) cracker written in OpenCL. Thanks to efficient use of vector instructions and hard-drive NCQ, the Kc key on a real-world GSM network can usually be recovered in 5-60 seconds with 2 minutes RTT (i.e., cracking many keys in parallel) depending on network security, signal quality etc. (test machine is a high-end desktop: 8 core AMD FX-8150, 32 GB RAM, 3x ATI HD 7970, 4x ADATA SX900)
 Deka started as an attempt to port [[https://opensource.srlabs.de/projects/a51-decrypt|Kraken]], the first A5/1 cracker available, to AMD GCN architecture, and resulted in a complete rewrite. Deka is binary compatible with Kraken, allowing easy evaluation and seamless switch.
@@ Line 26: / Line 26: @@
 Nice to have features:
   * "cancel" command to cancel processing of a given burst. This is useful when the key is successfully recovered and so there is no use to continue computing.
+Alternative features:
+  * delta.py does not use barriers/conditional variables, but busy waiting
+  * paplon.py leaks memory -- reportqs are not freed when the client disconnects
 ===== Attack in a nutshell =====
 TL;DR You can go through the A5/1 keyspace and save some "distinguished points". When you want to recover the key, you reconstruct the keyspace from the nearest distinguished point. ([[attack-theory|I want to know more!]])
-Deka listens on a TCP socket, waits for a keystream and once you submit one, it finds a secret state that resulted in this keystream. Hence you need some GSM sniffer, keystream guesser, TCP client and secret state processor. [[:user:jenda:gsm|gsmtk]] implements exactly that.
+Deka listens on a TCP socket, waits for a keystream and once you submit one, it finds a secret state that resulted in this keystream. Hence you need some GSM sniffer, keystream guesser, TCP client and secret state processor. [[https://jenda.hrach.eu/w/gsm|gsmtk]] implements exactly that.
 Recommended configuration:
@@ Line 40: / Line 44: @@
   * 8 or better 16 GB RAM to fit the table index, track bursts and have some space for block cache
   * OpenCL capable card, or several of them
+    * Deka has been tested on AMD HD7970 and nVidia GTX 610M (which is of course slow).
   * 1.7TB of fast storage - SSDs at best. And probably some SATA controller that does not have problems with lots of random reads.
 ===== Documentation =====
@@ Line 51: / Line 56: @@
 ===== Getting deka =====
-  * git clone http://jenda.hrach.eu/p/deka
+  * git clone https://jenda.hrach.eu/p/deka
-  * GitWeb: http://jenda.hrach.eu/gitweb/?p=deka;a=summary
+  * GitWeb: https://jenda.hrach.eu/gitweb/?p=deka;a=summary
 ===== Contacts =====
@@ Line 65: / Line 70: @@
 </note>
-http://jenda.hrach.eu/
+https://jenda.hrach.eu/
 ===== Credits =====
-  * Řehoř Gölöncséryi (niekt0) and Tomash (sysop) for introducing me to GSM security and the [[:project:gsm|GSMstack toolkit]] and advice regarding how wrong it is and what should I do better.
+  * Řehoř Gölöncséryi (niekt0) and Tomash (sysop) for introducing me to GSM security and the [[project:gsm:start|GSMstack toolkit]] and advice regarding how wrong it is and what should I do better.
   * Kraken team, as there is very few documentation available - reading their sources was a great help in understanding the attack.