iClass request
#1
Some ppl has been asking about this and my own curiousity has been there since I implemented a naive dictionary implentation for the proxmark3 client.
There are different attacks already for different parts,  but given a sniffed trace of authentication

A hashcat implementation would be good for the scenario of custom keys.  

What is it?

iClass crypto

- triple des
- three hash diversifications  (hash-0 , hash-1, hash-2) for two modes.  legacy standard / elite (high)
- a twist of the des key aswell.  all parity is in last byte instead of MSB

Possible ideas for Hashcat would be a dictionary or bruteforce mode.

http://www.icedev.se/proxmark3/proxclone...HSKeys.pdf

Documents.
http://www.proxmark.org/files/proxclone.com/
Reply
#2
Can you be more specific which type of computation is needed?
Reply
#3
I would really love to see this happen, would make cracking Iclass Elite keys much more viable.
Reply
#4
I'd be happy to add this to hashcat. Just need the details.
Reply
#5
https://www.cs.bham.ac.uk/~garciaf/publi...iClass.pdf
~
Reply