Hi experts (I hope so)
During the last 10 days I read (and learned) a lot about RC4, DH, RSA and the Habbo encryption in general.
But I still don't exactly get what is used when and for what.
Please can somebody enlighten me.
Naming convention I use concerning the communication parties:
C2S = Data sent from Client to Server
S2C = Data sent from Server to Client
struct = data structure
DH = Diffie-Hellman
If I take a look at what happens when the client connects to the server, I see this:
-----------------------------------------------
Packet 0:
C2S: "RELEASE63-201409091405-264511892",[0][0],133310
struct: String,Bool,Bool,Long
Packet 1:
S2C: "819dd5cd0fc94e72ba7aa9bf144be58e44d21eddb4fe8b4644bb560e310656cbf56b8d6a09cdd18dd008764a40ad44ec7e99550ff72fba01d656171726239d3d7556fe7f96bba4309a2731822cc14201eaeee5f8989b89867b485b0dde3cfd81af17028d63e80364c84a943eb33a65db4490bb3964e82c685ac7321cef706a26","6569d27090e17ce11e0b8bb44760f692f4e7750a22e39554e225792397461e8540622d96689df76a310a6e342411289f39ef4a9df6747e0bf6205736a61db57b64c0a8b7eae725578c7d96f3a65d42c5aa1bd474b4354f7490ebf905febbf9a1499998237f38a37edd893be70066719ce3c3372fcf50bb1d5bbce638432d8604"
struct: string, string
Following the DH protocol, this must be the prime (p) and the generator (g)
Packet 2:
C2S: "4bbb408f43b477efa0aa1ad459e1f6f6df6a75544f43cda824a58130edba1ad459adfcd3e690c8d5e3ef51c3deef464198afcd7f50f25989e783c69d1d976be069f8db53968d24db593d4ed4aa30d1871bcfb25918dbd75b23eb81f6f96660fcd7a68ec6e69e03b5c36185e7f31fddcfd5ab63d985e9ebdac0e73f9791c6e26f"
struct: string
Following the DH protocol, this must be the client's public key (B)
Packet 3:
S2C: "6e2fcfa9ac131e1d21e20d927da6cec2d1aba9cc3ac9cd771b817ee1249ec9fb619951059e9b8c35bb33514ae68045261320feb0d38dc346c10a5347a5a1dc0343c1de5c9cf4c3daf2d21ed658fb2d060d78186f727e12d85d1040a9001df0e50fbd061b50afd76e2fdc30ab4e46769234b357f59473d4f65ff9bb03c2afea24,[1]
struct: string, bool
Following the DH protocol, this must be the server's public key (A)
At this point, Server and Client have a shared secret key (s), but I can't see where RSA was in place yet :S ? I guess I missed something ...
C2S: encrypted stuff
S2C: encrypted stuff
...
-----------------------------------------------
So my desperate questions are:
Is the RSA just used to encrypt the DH keys and the rest is still symmetric RC4? But this does not match the data above...
Or is RC4 no longer used at all and everything is encrypted using RSA? So what is the DH shared key used for?
My brain starts to burn... can someone put me on the right track?
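Added example, not part of the original post and not Habbo's code: a textbook DH exchange using the post's names (p, g, A, B, s), with the public keys sent as hex strings as in the packets above, followed by RC4 keyed with the shared secret. The small prime, g = 3 and the use of the raw bytes of s as the RC4 key are assumptions for illustration; the post does not establish how the real protocol derives its key or where RSA fits.

```python
import secrets

# Constructed demo parameters (assumptions, not the values from the capture).
P = 2**127 - 1   # a known prime; far too small for real use
G = 3

def dh_keypair(p, g):
    """Return (private, public) where public = g^private mod p."""
    priv = secrets.randbelow(p - 3) + 2          # 2 <= priv <= p - 2
    return priv, pow(g, priv, p)

def dh_shared(peer_public, priv, p):
    """s = peer_public^priv mod p; reject degenerate public keys first."""
    if not 1 < peer_public < p - 1:
        raise ValueError("peer public key out of range")
    return pow(peer_public, priv, p)

def rc4(key, data):
    """Plain RC4: key scheduling, then XOR data with the keystream."""
    S, j = list(range(256)), 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(byte ^ S[(S[i] + S[j]) % 256])
    return bytes(out)

def key_from_secret(s):
    """Assumed derivation: big-endian bytes of s used directly as the key."""
    return s.to_bytes((s.bit_length() + 7) // 8, "big")

def handshake_demo(message):
    a, A = dh_keypair(P, G)                      # server side
    b, B = dh_keypair(P, G)                      # client side
    B_wire, A_wire = format(B, "x"), format(A, "x")   # hex strings on the wire
    s_server = dh_shared(int(B_wire, 16), a, P)  # server: B^a mod p
    s_client = dh_shared(int(A_wire, 16), b, P)  # client: A^b mod p
    ciphertext = rc4(key_from_secret(s_client), message)    # C2S
    plaintext = rc4(key_from_secret(s_server), ciphertext)  # server decrypts
    return s_client == s_server, ciphertext, plaintext

if __name__ == "__main__":
    print(handshake_demo(b"constructed test message"))
```

Nothing in this exchange proves who sent A or B, so plain DH on its own gives both sides a shared key without authenticating either of them.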