Here is a Tandberg encrypted stream (103 seconds):
_https://mega.nz/#!1ApzARrR!Oq0Mf9VDdJlcwyJidB5jRJ-8QTWLlP7G5FqnmJxx2vc
I have filtered it for the needed PIDs for program 3:
PID_PAT 0
PID_CAT 1
PID_EMM 0x1F4
PID_PMT 0x576
PID_ECM 0x56F
PID_VID 0x515
PID_PCR 0x577
PID_AUD1 0x51F
PID_AUD2 0x520
PID_AUD3 0x521
PID_AUD4 0x522
PID_AUD5 0x523
PID_AUD6 0x524
PID_AUD7 0x525
CAID is 1010h
EMM table IDs are 82h and 83h
I was able to decrypt it with the help of a EMM key that I have found in the firmware:
![]()
It uses CSA with a changing CW.
Of course you can use RBT or CudaBiss to decrypt a crypto period, but the goal of this challenge is to decrypt it the normal way with the help of the EMM key (D5 B0 49 40 0D FB 83 25).
So post the first EMM with table ID 82h.
There are x * 8 byte encrypted data present.
Can you decrypt it with the above info?
You need to guess the encryption algorithm from this old (so it's not AES) Tandberg system.
The decrypted data should start with A4 C7...
Post the x * 8 byte decrypted data.
_https://mega.nz/#!1ApzARrR!Oq0Mf9VDdJlcwyJidB5jRJ-8QTWLlP7G5FqnmJxx2vc
I have filtered it for the needed PIDs for program 3:
PID_PAT 0
PID_CAT 1
PID_EMM 0x1F4
PID_PMT 0x576
PID_ECM 0x56F
PID_VID 0x515
PID_PCR 0x577
PID_AUD1 0x51F
PID_AUD2 0x520
PID_AUD3 0x521
PID_AUD4 0x522
PID_AUD5 0x523
PID_AUD6 0x524
PID_AUD7 0x525
CAID is 1010h
EMM table IDs are 82h and 83h
I was able to decrypt it with the help of a EMM key that I have found in the firmware:
It uses CSA with a changing CW.
Of course you can use RBT or CudaBiss to decrypt a crypto period, but the goal of this challenge is to decrypt it the normal way with the help of the EMM key (D5 B0 49 40 0D FB 83 25).
So post the first EMM with table ID 82h.
There are x * 8 byte encrypted data present.
Can you decrypt it with the above info?
You need to guess the encryption algorithm from this old (so it's not AES) Tandberg system.
The decrypted data should start with A4 C7...
Post the x * 8 byte decrypted data.