|
Encryption
Encryption used by the procotol
IntroductionMXit uses AES-128 encryption to encrypt the user's pin, and messages on the user's request. For the exact algorithms used, see encryption.py. Padding the dataFor a start, the ascii values of the 7 characters <mxit/> is prepended to the data. This is useful to check that the correct key was used to decrypt the data. For AES encryption, only blocks of exactly 16 bytes can be encrypted. Larger amounts of data are split into blocks of 16 bytes each, and encrypted blocks joined again. Since data is not always a multiple of 16, it has to be padded. MXit uses an approach similar to the PKCS7 padding: bytes with value 0 are added to the data, until it is 1 less than a multiple of 16. If the data was a multiple of 16, 15 bytes are added. The last byte is then set to the number of padded bytes added, including itself (a number between 1 and 16, inclusive). Example: sample-data -> <mxit/>sample-data\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0ebyte values: 115 97 109 112 108 101 45 100 97 116 97 -> 60 109 120 105 116 47 62 115 97 109 112 108 101 45 100 97 116 97 0 0 0 0 0 0 0 0 0 0 0 0 0 14 Padding the KeyThe key has to be exactly 16 bytes. To achieve this, the key is 'pasted over' the first part of the bytes 54 49 55 48 51 56 51 52 53 50 51 52 51 53 54 55 are replaced with the ascii values of the key. Those bytes are the ascii values of the string 6170383452343567. Example, in ascii: password -> password52343567 Encryption & DecryptionStandard AES-128 encryption is used for any data, with the padding specified above. Client IDEach download of the MXit application contains a unique id in the following form: AABBBBBBBB-BBBB-BBBB-BBBB-BBBBBBBBBBBBCCCCCCCC The first two digits (A) represent a length in hexadecimal form. The rest of the id is split into two parts. The first part (B) has a length (including the hyphens) specified by A. This is sent with every login. The second part (C) is used to encrypt the pin. PinFor login, registration and updating the user profile, the user pin must be encrypted. The key is the ascii values of the C part of the client id. The data is the pin. The key and data are padded as explained above, and encrypted. The result is encoded as base64 before being sent. |
Hi
Can you please explain the "Padding of Key" in a little more detail, and what are you refering to as the "first part of the bytes"
And how did you get so much info on the mxit protocol? I'm just using wireshark and a jar emulator on my pc It's nice that you are sharing your info to everyone
Thanks
I have a message I need to decrypt but I lost the password? Could you help? mail me at admin (at) dhc . za. org
Hey I lost a password of a message I need to decrypt ,i really really need your help...send me an email