[Cryptography] Trying to crack a CRC

Henry Baker hbaker1 at pipeline.com
Sat Apr 23 10:50:51 EDT 2022


Hi all:
 
This problem should be trivial, but I'm still having trouble.
 
I'm trying to crack what appears to be a 32-bit CRC algorithm.
 
I can gather a large number of samples, and I can 'correct' the
CRC (at some cost) in order to run chosen plaintext experiments.
 
Here are the parameters:
 
* Messages are 28 bytes; CRC is 4 bytes; total size is 32 bytes.
* I've gathered enough messages & done Gaussian elimination to prove that:
a) the CRC calculation is linear, and all bits participate.
b) I've been able to determine the CRCs for almost 100 out of the 224 'singleton' (1 non-zero, non-CRC bit) vectors.
c) I'm able to get singletons for upwards of 16 or more adjacent bits, which should be able to provide enough data to completely solve the CRC algorithm.
 
Although the CRC is 32 bits long, I can't verify that it is a single CRC-32 algorithm (rather than, e.g., 2 16-bit CRC-16s).
 
I suspect that the CRC is 'little-endian', but I haven't been able to prove it.
 
Unfortunately, I haven't had any success with open source CRC crackers that I found on the web: 'crc-beagle' and 'reveng'.
 
'crc-beagle' apparently checks a bunch of standard CRC algorithms, while 'reveng' supposedly searches the space mathematically.
 
'reveng' should be capable of solving this problem, but the documentation is so sparse that I haven't been able to figure out how to use it.
 
Has anyone here had any success utilizing the 'reveng' tool?
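
Added example, not part of the original post and not a description of how 'reveng' works: for a plain CRC, the singleton responses of two adjacent message bits differ by exactly one shift-register step, so a run of 16 adjacent singletons gives the polynomial, shift direction and bit order directly. The oracle is an assumption (zlib's CRC-32 standing in for the unknown checksum), and bytes 26-27 are a constructed choice of adjacent bits; all function names are hypothetical.

```python
import zlib

N, W, MASK = 28, 32, 0xFFFFFFFF   # message bytes, CRC width, register mask

def oracle(msg: bytes) -> int:
    """Stand-in for the unknown checksum (assumption: zlib's CRC-32)."""
    return zlib.crc32(msg)

def singleton_deltas(byte_range):
    """CRC(e) ^ CRC(0) for each single-bit message e; init/xorout cancel."""
    zero = oracle(bytes(N))
    out = {}
    for i in byte_range:
        for b in range(8):
            m = bytearray(N)
            m[i] = 1 << b
            out[(i, b)] = oracle(bytes(m)) ^ zero
    return out

def check_step(later, earlier, right):
    """Is `earlier` one LFSR step applied to `later`? Returns (ok, poly or None)."""
    if right:   # reflected register: shifts right, feedback taken from bit 0
        shifted, fed = later >> 1, later & 1
    else:       # normal register: shifts left, feedback taken from the top bit
        shifted, fed = (later << 1) & MASK, later >> (W - 1)
    if fed:     # feedback fired, so the XOR difference is the polynomial
        return True, earlier ^ shifted
    return earlier == shifted, None   # no feedback: must be a pure shift

def recover(deltas):
    """Try both in-byte bit orders and both shift directions; keep consistent ones."""
    found = []
    for lsb_first in (True, False):
        order = sorted(deltas, key=lambda p: (p[0], p[1] if lsb_first else 7 - p[1]))
        for right in (True, False):
            polys, ok = set(), True
            for e, l in zip(order, order[1:]):   # e is processed just before l
                good, poly = check_step(deltas[l], deltas[e], right)
                ok &= good
                if poly is not None:
                    polys.add(poly)
            if ok and len(polys) == 1:
                found.append((lsb_first, right, polys.pop()))
    return found

if __name__ == "__main__":
    for lsb_first, right, poly in recover(singleton_deltas(range(26, 28))):
        print(f"lsb_first={lsb_first} shift_right={right} poly={poly:#010x}")
```

If no hypothesis survives, the checksum is not a single plain CRC of that width over the bits as ordered, which is itself a useful answer to the "two CRC-16s" question.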
 

