Our latest holiday gift from Nagra [Archive] - DssTester.com

View Full Version : Our latest holiday gift from Nagra

MrPhil

12-27-2007, 07:01 PM

c/p from another site:

Battle of the Bulge?

Well, this is it folks. I am calling it the Battle of the Bulge. This is the final desperate push by Nagra to defeat all hardware emulators. The stakes could not be higher: if they win, no single stand-alone hardware emulator is coming back. If they lose, they have nothing else to throw at us, at least nothing harder than this.

Their tactic is the (expected) timer hash of Map0x57. Map0x57, as most coders know is a convoluted implementation of elliptic curve multiplication (ECC). Timing a standard ECC function is hard enough, but timing a proprietary one is much, much harder - if not impossible.

My plan is to counter this attack with my favourite weapon of choice: statistics.It worked well for us last time, lets hope it works out this time too.

For those who are culturally deprived, the Battle of the Bulge was the last desperate offensive by the Germans, prepared with skill and secrecy, to capture the key strategic city of Bastogne around Christmas of 1944. Greatly outnumbered and outflanked, the allies held the city and the men who survived came to be known as the "Battered Bastards of Bastogne".

Lets see what the battered, bastard coders can do this time around...wish me luck!

PS. The battle field (MECM0x40) is depicted below.

Code:

00:0100: 99 sec 00:0101: 8A pushcc 00:0102: 9B sei 00:0103: B6 0D lda $0D 00:0105: 88 pusha 00:0106: A4 F7 and #$F7 00:0108: B7 0D sta $0D 00:010A: B6 12 lda $12 00:010C: 88 pusha 00:010D: B6 11 lda $11 00:010F: 88 pusha 00:0110: 13 12 bclr1 $12 00:0112: 9D nop 00:0113: 13 16 bclr1 $16 00:0115: A6 00 lda #$00 00:0117: C7 0B 92 sta $0B92 00:011A: A6 0B lda #$0B 00:011C: C7 0B 93 sta $0B93 00:011F: A6 A2 lda #$A2 00:0121: C7 0B 94 sta $0B94 00:0124: A6 0B lda #$0B 00:0126: C7 0B 95 sta $0B95 00:0129: A6 B2 lda #$B2 00:012B: C7 0B 96 sta $0B96 00:012E: A6 0B lda #$0B 00:0130: C7 0B 97 sta $0B97 00:0133: A6 C2 lda #$C2 00:0135: C7 0B 98 sta $0B98 00:0138: A6 0B lda #$0B 00:013A: C7 0B 99 sta $0B99 00:013D: A6 D2 lda #$D2 00:013F: C7 0B 9A sta $0B9A 00:0142: A6 0B lda #$0B 00:0144: C7 0B 9B sta $0B9B 00:0147: A6 E2 lda #$E2 00:0149: C7 0B 9C sta $0B9C 00:014C: A6 0B lda #$0B 00:014E: C7 0B 9D sta $0B9D 00:0151: A6 F2 lda #$F2 00:0153: C7 0B 9E sta $0B9E 00:0156: A6 02 lda #$02 00:0158: B7 48 sta $48 00:015A: A6 02 lda #$02 00:015C: CD 38 40 jsr $3840 00:015F: A6 0B lda #$0B 00:0161: B7 46 sta RC1 00:0163: A6 93 lda #$93 00:0165: B7 47 sta $47 00:0167: 13 16 bclr1 $16 00:0169: 13 12 bclr1 $12 00:016B: A6 41 lda #$41 00:016D: B7 16 sta $16 00:016F: A6 49 lda #$49 00:0171: B7 12 sta $12 00:0173: A6 FF lda #$FF 00:0175: B7 15 sta $15 00:0177: B7 11 sta $11 00:0179: 3F 14 clr $14 00:017B: 3F 10 clr $10 00:017D: 12 16 bset1 $16 00:017F: 9D nop 00:0180: 12 12 bset1 $12 00:0182: A6 57 lda #$57 00:0184: CD 38 40 jsr $3840 00:0187: 13 16 bclr1 $16 00:0189: 9D nop 00:018A: 13 12 bclr1 $12 00:018C: AD 37 bsr $1C5 00:018E: A6 04 lda #$04 00:0190: B7 47 sta $47 00:0192: A6 00 lda #$00 00:0194: B7 48 sta $48 00:0196: C6 0B 93 lda $0B93 00:0199: B7 4A sta $4A 00:019B: C6 0B 94 lda $0B94 00:019E: B7 4B sta $4B 00:01A0: A6 40 lda #$40 00:01A2: CD 5B E0 jsr Move_A_RC1_to_RC2 00:01A5: B6 14 lda $14 00:01A7: 31 C7 0B 92 sta [$0B92:$0B93:$0B94] 00:01AB: AD 18 bsr $1C5 00:01AD: B6 10 lda $10 00:01AF: 31 C7 0B 92 sta [$0B92:$0B93:$0B94] 00:01B3: 84 popa 00:01B4: B7 11 sta $11 00:01B6: 84 popa 00:01B7: 97 tax 00:01B8: A4 FD and #$FD 00:01BA: B7 12 sta $12 00:01BC: 9F txa 00:01BD: B7 12 sta $12 00:01BF: 84 popa 00:01C0: B7 0D sta $0D 00:01C2: 86 popcc 00:01C3: 98 clc 00:01C4: 87 rtsp 00:01C5: C6 0B 94 lda $0B94 00:01C8: AB 08 add #$08 00:01CA: C7 0B 94 sta $0B94 00:01CD: C6 0B 93 lda $0B93 00:01D0: A9 00 adc #$00 00:01D2: C7 0B 93 sta $0B93 00:01D5: 81 rts

Fab5

donxcore

12-27-2007, 11:35 PM

good luck to you Phil! :]

joer

12-28-2007, 12:24 AM

samwoo2go

12-28-2007, 12:27 AM

Jesus Im so glad I didn't major in CS

setwire

12-28-2007, 12:31 AM

samwoo2go

12-28-2007, 12:33 AM

What I don't understand is why can't charlie just keep hitting us with these 3 day kills for YEARS until EVERYONE is tired of it and FTA dies? Im a business major so if its a dumb question, thats why. :D

c/p from another site:

Battle of the Bulge?

Well, this is it folks. I am calling it the Battle of the Bulge. This is the final desperate push by Nagra to defeat all hardware emulators. The stakes could not be higher: if they win, no single stand-alone hardware emulator is coming back. If they lose, they have nothing else to throw at us, at least nothing harder than this.

Their tactic is the (expected) timer hash of Map0x57. Map0x57, as most coders know is a convoluted implementation of elliptic curve multiplication (ECC). Timing a standard ECC function is hard enough, but timing a proprietary one is much, much harder - if not impossible.

My plan is to counter this attack with my favourite weapon of choice: statistics.It worked well for us last time, lets hope it works out this time too.

For those who are culturally deprived, the Battle of the Bulge was the last desperate offensive by the Germans, prepared with skill and secrecy, to capture the key strategic city of Bastogne around Christmas of 1944. Greatly outnumbered and outflanked, the allies held the city and the men who survived came to be known as the "Battered Bastards of Bastogne".

Lets see what the battered, bastard coders can do this time around...wish me luck!

PS. The battle field (MECM0x40) is depicted below.

Code:

00:0100: 99 sec 00:0101: 8A pushcc 00:0102: 9B sei 00:0103: B6 0D lda $0D 00:0105: 88 pusha 00:0106: A4 F7 and #$F7 00:0108: B7 0D sta $0D 00:010A: B6 12 lda $12 00:010C: 88 pusha 00:010D: B6 11 lda $11 00:010F: 88 pusha 00:0110: 13 12 bclr1 $12 00:0112: 9D nop 00:0113: 13 16 bclr1 $16 00:0115: A6 00 lda #$00 00:0117: C7 0B 92 sta $0B92 00:011A: A6 0B lda #$0B 00:011C: C7 0B 93 sta $0B93 00:011F: A6 A2 lda #$A2 00:0121: C7 0B 94 sta $0B94 00:0124: A6 0B lda #$0B 00:0126: C7 0B 95 sta $0B95 00:0129: A6 B2 lda #$B2 00:012B: C7 0B 96 sta $0B96 00:012E: A6 0B lda #$0B 00:0130: C7 0B 97 sta $0B97 00:0133: A6 C2 lda #$C2 00:0135: C7 0B 98 sta $0B98 00:0138: A6 0B lda #$0B 00:013A: C7 0B 99 sta $0B99 00:013D: A6 D2 lda #$D2 00:013F: C7 0B 9A sta $0B9A 00:0142: A6 0B lda #$0B 00:0144: C7 0B 9B sta $0B9B 00:0147: A6 E2 lda #$E2 00:0149: C7 0B 9C sta $0B9C 00:014C: A6 0B lda #$0B 00:014E: C7 0B 9D sta $0B9D 00:0151: A6 F2 lda #$F2 00:0153: C7 0B 9E sta $0B9E 00:0156: A6 02 lda #$02 00:0158: B7 48 sta $48 00:015A: A6 02 lda #$02 00:015C: CD 38 40 jsr $3840 00:015F: A6 0B lda #$0B 00:0161: B7 46 sta RC1 00:0163: A6 93 lda #$93 00:0165: B7 47 sta $47 00:0167: 13 16 bclr1 $16 00:0169: 13 12 bclr1 $12 00:016B: A6 41 lda #$41 00:016D: B7 16 sta $16 00:016F: A6 49 lda #$49 00:0171: B7 12 sta $12 00:0173: A6 FF lda #$FF 00:0175: B7 15 sta $15 00:0177: B7 11 sta $11 00:0179: 3F 14 clr $14 00:017B: 3F 10 clr $10 00:017D: 12 16 bset1 $16 00:017F: 9D nop 00:0180: 12 12 bset1 $12 00:0182: A6 57 lda #$57 00:0184: CD 38 40 jsr $3840 00:0187: 13 16 bclr1 $16 00:0189: 9D nop 00:018A: 13 12 bclr1 $12 00:018C: AD 37 bsr $1C5 00:018E: A6 04 lda #$04 00:0190: B7 47 sta $47 00:0192: A6 00 lda #$00 00:0194: B7 48 sta $48 00:0196: C6 0B 93 lda $0B93 00:0199: B7 4A sta $4A 00:019B: C6 0B 94 lda $0B94 00:019E: B7 4B sta $4B 00:01A0: A6 40 lda #$40 00:01A2: CD 5B E0 jsr Move_A_RC1_to_RC2 00:01A5: B6 14 lda $14 00:01A7: 31 C7 0B 92 sta [$0B92:$0B93:$0B94] 00:01AB: AD 18 bsr $1C5 00:01AD: B6 10 lda $10 00:01AF: 31 C7 0B 92 sta [$0B92:$0B93:$0B94] 00:01B3: 84 popa 00:01B4: B7 11 sta $11 00:01B6: 84 popa 00:01B7: 97 tax 00:01B8: A4 FD and #$FD 00:01BA: B7 12 sta $12 00:01BC: 9F txa 00:01BD: B7 12 sta $12 00:01BF: 84 popa 00:01C0: B7 0D sta $0D 00:01C2: 86 popcc 00:01C3: 98 clc 00:01C4: 87 rtsp 00:01C5: C6 0B 94 lda $0B94 00:01C8: AB 08 add #$08 00:01CA: C7 0B 94 sta $0B94 00:01CD: C6 0B 93 lda $0B93 00:01D0: A9 00 adc #$00 00:01D2: C7 0B 93 sta $0B93 00:01D5: 81 rts

Fab5

joer

12-28-2007, 01:34 AM

satfree

12-28-2007, 02:23 AM

DN & the other provider have to shoot ECMs into the stream, it costs them (the providers) moola to pay the coders. On the FTA side, there are DVB coders who do the counter-ECMs purely for the challenge, NOT because there's any money in it for them!:no: The FTA manufacturers then pay (sometmes!!:o ) to convert the open-source code that the non-paid DVB coders provide freely, into a usable bin that will cause their receivers to work other than FTA, that is, to receive ALL the channels on a given satellite. :wow:

Happy Testing & New Year!!:hat: :beer: :beer:

Back to lurk mode,
jr

Does it really work that way?
I have not yet seen any code for any FTA box. Seems that the FTA box code is closely guarded and boxes orphaned every year or so so that people will keep buying new boxes. E.g., Wonder if there is any hope for the Fortec Star Classic NA box, sold by Fortec all thru 2007 but has not working bin from last few months. If there is any open source available for that, I am sure people will keep it alive.

Phant

12-28-2007, 09:00 PM

Does it really work that way?

For the most part, yes. It was very easy to see once the open source coders withheld their source for awhile. Only after they released it would FTA solutions suddenly appear.

I have not yet seen any code for any FTA box. Seems that the FTA box code is closely guarded

There isn't (unless you have a FTA box running Linux or Windows) and it is. The source is available for DVB. However, it often contains solutions the FTA manufacturers can use to get their boxes back up. And they borrow it, apparently without credit, which is why the open source isn't so open from time to time.