标题: Skype登录过程中对SHA1的一种使用 创建: 2006-11-14 18:43 链接: https://scz.617.cn/misc/200611141843.txt 参看[1]的"Analysis of the login phase"部分,其中提到经SHA1处理得到256-bits 的AES Encrypt Key。我们知道SHA1本身输出是160-bits,显然Skype做了组合变换。 [1]的作者没有给出细节,我们逆向分析了这个地方,下面是其C风格的伪代码: -------------------------------------------------------------------------- void SkypeSHA1 ( in, insize, out, outsize ) { hash[20]; buf[buflen]; i; j; buflen = 4 + insize; memcpy( buf + 4, in, insize ); j = 0; while ( 1 ) { for ( i = 0; i < 32; i += 8 ) { buf[i/8] = j >> ( 24 - i ); } /* end of for */ SHA1( buf, buflen, hash ); if ( outsize <= sizeof( hash ) ) { memcpy( out, hash, outsize ); break; } memcpy( out, hash, sizeof( hash ) ); out += sizeof( hash ); outsize -= sizeof( hash ); j++; } /* end of while */ return; } /* end of SkypeSHA1 */ -------------------------------------------------------------------------- 验证集如下: -------------------------------------------------------------------------- [ 192 bytes ] -> 16 bytes per line 00000000 01 60 B2 14 51 35 8C DC D6 66 F0 83 D3 E1 97 99 00000010 9B C6 25 39 3C 02 2B 57 84 60 B2 14 51 35 8C DC 00000020 D6 66 F0 83 D3 E1 97 99 9B C6 25 39 3C 02 2B 57 00000030 84 60 B2 14 51 35 8C DC D6 66 F0 83 D3 E1 97 99 00000040 9B C6 25 39 3C 02 2B 57 84 60 B2 14 51 35 8C DC 00000050 D6 66 F0 83 D3 E1 97 99 9B C6 25 39 3C 02 2B 57 00000060 84 60 B2 14 51 35 8C DC D6 66 F0 83 D3 E1 97 99 00000070 9B C6 25 39 3C 02 2B 57 84 60 B2 14 51 35 8C DC 00000080 D6 66 F0 83 D3 E1 97 99 9B C6 25 39 3C 02 2B 57 00000090 84 60 B2 14 51 35 8C DC D6 66 F0 83 D3 E1 97 99 000000A0 9B C6 25 39 3C 02 2B 57 84 60 B2 14 51 35 8C DC 000000B0 D6 66 F0 83 D3 E1 97 99 9B C6 25 39 3C 02 2B 57 [ 32 bytes ] -> 16 bytes per line 00000000 21 A3 B0 73 A3 23 44 24 2E 64 FB EE 0A 68 5B 70 00000010 55 7C 20 7D 7C 7A C0 BE 38 CC E7 9E BE 71 48 2A -------------------------------------------------------------------------- 参考资源: [ 1] Silver Needle in the Skype - [2006-03-02] http://www.blackhat.com/presentations/bh-europe-06/bh-eu-06-biondi/bh-eu-06-biondi-up.pdf