To darkrei9n, obliviron and other cracking pros:
The Chinese cracking group made some progress on this and I'm going to translate what they currently have:
1. They also found that the authentication key and decryption key are the same, and got to the screen for manually entering the authentication code. So everything still boils down to getting the Salsa20 decryption key.
2. What they found is that the mpqe file heads are NOT corrupted, and you can get plain text from them. With the plain text known, one can do an XOR with the cipher text to get the Hash table. With a second round of sorting on the Hash table you can get the decryption key. They compared the mpqe file with the beta (non-encrypted) ones. For example, the first row in the beta mpq is 01 00 03 00. And in the retail mpqe it's 01 00 05 00. If you do an XOR of 03 and 05 and use the result to XOR the other mpqe, you get the same result. This shows the key is valid. So we actually know the plain text. However, the second row of the mpqe file is messed up, so there's 8 bits out of 64 bits of plain text missing.
3. Now the project is: Attack Salsa20 cryptography with complete knowledge of the ciphertext and about 90% of the plain text. Is there any algorithm optimized for computing that?
We hope the pros here can help us and share the knowledge and skills. I don't know much about the terminology in cryptography so the translation may be a little hard to understand. But you pros should be able to get it!