All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 71 posts ]  Go to page Previous  1, 2, 3, 4  Next
Author Message
 Post subject: Re: Unlock WD My Book Essential
PostPosted: June 3rd, 2011, 12:47 
Offline

Joined: May 14th, 2011, 17:44
Posts: 22
Location: United
Doomer wrote:
aena9200 wrote:
Do you know how the key is stored in that sector? i.e. where is the key in those 448 bytes?

No, I don't know
Why would it matter?
It's encrypted and even if encryption of the sector itself is also AES256 to encrypt/decrypt the sector with password, the password should be hashed (and possibly salted). I believe the hash algorithm wasn't released into public documents


It would matter because the password I had was just seven letters and I know most of them. The other thing is that I do not think that this key is encrypted becasuse it is needed to encrypt/decrypt the whole drive so it should be accessible by that chip. Regarding the internals of the way wdsmartware works, I guess it is still somehow esoteric but of course some people know how it works. I found a site for data recovery in Ukraine with some information about this topic and even some tools to decrypt the disk but all the files are password protected. Probably I will give it a try and contact them.


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: June 3rd, 2011, 12:58 
Offline
User avatar

Joined: September 29th, 2005, 12:02
Posts: 3362
Location: Chicago
aena9200 wrote:
It would matter because the password I had was just seven letters and I know most of them.

I guess you don't understand how things work then

Here is you password
1234567
Now we need to hash password to make it 32 byte key, let's call intermediate key. This intermediate key will encrypt area where data encryption key is stored (master key)
This hashing algorithm you don't know and this information wasn't released by WD
Let's say the hashing algo is single SHA256, so you password will be hashed into this
8BB0CF6EB9B17D0F7D22B456F121257DC1254E1F01665370476383EA776DF414
But since we don't know the algo it can be anything
For example double SHA256
7905F239049A7574F8AC2088BB26998DE311C1FDD4BCAE636D7EAFAE02970F36
Or triple SHA256
5917A345C6D0364B670E728A5362373E277C99029712760D771181095DCBAF48
Or maybe some XORs and shifts
Or SHA with salt
Or anything else

How you gonna get your master key w/o knowing the algo of hashing?

_________________
SAN, NAS, RAID, Server, and HDD Data Recovery.


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: June 3rd, 2011, 13:22 
Offline

Joined: May 14th, 2011, 17:44
Posts: 22
Location: United
Doomer wrote:
How you gonna get your master key w/o knowing the algo of hashing?


It is not a secret once you have the datasheet of the chip and I don't see this as a problem at all. The other thing is that I am not talking about setting a password and how the key would be manipulated based on that password, simply I am talking about how this key is stored even without setting a password. Anyway, I am sure it is doable just a matter of time and the internals of this chip would be revealed it is not a rocket science ;)


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: June 3rd, 2011, 13:37 
Offline

Joined: July 18th, 2006, 3:05
Posts: 7532
Location: ITALY
@aena9200,

Do you know how AES works ? 8)


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: June 3rd, 2011, 13:38 
Offline

Joined: May 14th, 2011, 17:44
Posts: 22
Location: United
BlackST wrote:
@aena9200,

Do you know how AES works ? 8)

yes


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: June 3rd, 2011, 13:46 
Offline

Joined: July 18th, 2006, 3:05
Posts: 7532
Location: ITALY
Then why ask ?

You have the great opportunity to be the n-th to try RE the mechanism of encryption / decryption behind SmartWare.

(If it was so simple, there would be a lot of problems) :mrgreen:


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: June 3rd, 2011, 13:52 
Offline

Joined: May 14th, 2011, 17:44
Posts: 22
Location: United
BlackST wrote:
Then why ask ?

You have the great opportunity to be the n-th to try RE the mechanism of encryption / decryption behind SmartWare.

(If it was so simple, there would be a lot of problems) :mrgreen:

This has nothing to do with knowing AES, it is mainly about how/where those bits are stored and in order to know this I guess the datasheet of this chip is needed.


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: June 3rd, 2011, 13:56 
Offline

Joined: May 14th, 2011, 17:44
Posts: 22
Location: United
and btw just fyi, the biggest problem in cryptography is not about the algorithm used at all, it is about key exchange and in this case at hand you have the key already stored (in some format) along with the data.


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: June 3rd, 2011, 14:01 
Offline
User avatar

Joined: May 13th, 2010, 11:17
Posts: 2623
Location: Kuwait
aena9200 wrote:
BlackST wrote:
Then why ask ?

You have the great opportunity to be the n-th to try RE the mechanism of encryption / decryption behind SmartWare.

(If it was so simple, there would be a lot of problems) :mrgreen:

This has nothing to do with knowing AES, it is mainly about how/where those bits are stored and in order to know this I guess the datasheet of this chip is needed.



My Friend, you are walking from the beginning from the road, well i can suggest you this, which i learned from my Grand Pa

Whats the Diff. between SMART people & Idiots (sorry i dont mean you)

Smart People ALWAYS starts from Where ever others Stopped
Idiots Always have to Try from the beginning (and waste their Time)

if you just think about this in another point of view, for example: I tell you walking into this road is difficult, just try another route it is better since others TRIED IT BEFORE,
BUT
if you really wanted to walk from the beginning well, that is up2u, but remember Initio Chip Datasheet will never help anyway, there are other ways to solve this problem, but you need to read more here about WD Passport/Essentials
PCB Initio here and you will understand.

thank you and good luck

_________________
Kuwait Data Recovery - UNIX GTC
The only reason for time is so that everything doesn't happen at once. By: Albert Einstein


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: June 3rd, 2011, 14:05 
Offline

Joined: July 18th, 2006, 3:05
Posts: 7532
Location: ITALY
I have the feeling that Einstein understood what I meant .... :D

if you just think about this in another point of view, for example: I tell you walking into this road is difficult, just try another route it is better since others TRIED IT BEFORE

quote : (me)

You have the great opportunity to be the n-th to try RE the mechanism of encryption / decryption behind SmartWare

Thread closed for me ;)


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: June 3rd, 2011, 15:17 
Offline
User avatar

Joined: September 29th, 2005, 12:02
Posts: 3362
Location: Chicago
aena9200 wrote:
It is not a secret once you have the datasheet of the chip and I don't see this as a problem at all.

Hashing algo has nothing to do with hardware in chip
Hashing is not time critical operation and it can be calculated by FW and only limited by FW size and fantasy of WD engineers
You can RE chip's FW if you'd like - update with FW is on wdc.com
I'll make it even easier for you Inic chip core is Intel Turbo 8051

_________________
SAN, NAS, RAID, Server, and HDD Data Recovery.


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: July 5th, 2011, 21:00 
Offline
User avatar

Joined: September 8th, 2009, 18:21
Posts: 12437
Location: Australia
One way to see the unencrypted contents of the "password" sector would be to copy it to an unused sector in the visible user area, say LBA1. (LBA 0 would be the MBR and partition table, while LBA 63 would be the boot sector of the first partition. LBAs 1 through 62 would normally be zeros.) Then connect to the drive via USB and examine LBA 1 with your disc editor. Hopefully the Initio chip uses the same algorithm and encryption key to decrypt this sector. Of course you will need to do this on an experimental drive.

I would repeat the above procedure using several known passwords, and compare them against a drive without a password. Try a short password (eg "ABC"), a full length password (32 characters ?), and a password with upper and lowercase (to test for case sensitivity). Copy the resulting password sectors to LBA 2, LBA 3, etc.

Hopefully the password fits in a 32-byte slot that is aligned with the 128-bit or 256-bit data chunks used by the AES algorithm. If this is the case, then it should be easy to replace these 32-bytes with encrypted zeros, such as are normally found in LBAs 1 through 62. Otherwise you could replace them with the encrypted versions of known text strings, such as the "/O error...Replace the disk, and" text that is part of a FAT32 boot sector. Which text you use will depend on which utility was used to partition and format your drive.

BTW, an examination of the encrypted zeros in LBA 1 through LBA 62 should tell you whether the encryption spans 128 bits (16 bytes) or 256 bits (32 bytes).

_________________
A backup a day keeps DR away.


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: July 5th, 2011, 22:02 
Offline
User avatar

Joined: September 29th, 2005, 12:02
Posts: 3362
Location: Chicago
fzabkar wrote:
One way to see the unencrypted contents

Not going to work because sector with master key is not encrypted by master key
fzabkar wrote:
Hopefully the password fits in a 32-byte slot that is aligned with the 128-bit or 256-bit data chunks used by the AES algorithm. If this is the case, then it should be easy to replace these 32-bytes with encrypted zeros, such as are normally found in LBAs 1 through 62.

I believe user password is not stored anywhere, so it would be interesting to know what we are going to replace
BTW data chunks are always 128 bit in AES

_________________
SAN, NAS, RAID, Server, and HDD Data Recovery.


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: July 6th, 2011, 3:49 
Offline

Joined: March 7th, 2009, 12:43
Posts: 969
Location: Angel Data Recovery
fzabkar wrote:
BTW, an examination of the encrypted zeros in LBA 1 through LBA 62 should tell you whether the encryption spans 128 bits (16 bytes) or 256 bits (32 bytes).


Why need that? Nobody don't hide this info.
http://www.wdc.com/wdproducts/library/other/2579-701178.pdf

_________________
Angel Data Recovery


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: July 6th, 2011, 4:22 
Offline

Joined: March 7th, 2009, 12:43
Posts: 969
Location: Angel Data Recovery
Double post. Deleted

_________________
Angel Data Recovery


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: July 18th, 2011, 18:36 
Offline

Joined: May 14th, 2011, 17:44
Posts: 22
Location: United
@fzabkar
Thanks a lot for trying to help, at least not like the others here who tried to make me look like an idiot just because I asked for help.

I tried all you mentioned when I posted my previous replies, and as I said before the bit strength in the used AES is 256-bit and the block cipher used is ECB which means that every block is decrypted\encrypted independent of the other blocks which make things a bit easier. The document DR-Kiev sent is probably old or for some other models.

Regarding my problem, I have unlocked the drive by simply trying to remember the password and that was way much better than being mocked at here. Based on the information published online, this drive could be decrypted with some kind of hardware backdoor (I am not sure) but some data recovery services have this ability and probably that explains why people here are reluctant to divulge any useful info about this. Anyways my guess is that those bytes contain the master key used to encrypt the drive + some kind of hash to verify the entered password, all this is encrypted by the user password, probably using the same AES algorithm or just a simple XOR, again thanks for your help :)


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: July 18th, 2011, 20:20 
Offline
User avatar

Joined: September 29th, 2005, 12:02
Posts: 3362
Location: Chicago
I agree that remembering the password is much better then being mocked but I disagree that fzabkar's post would be helpful at all in this case
Am I the only one who senses double standards here :)
Anyway from what I see you still have no clue how encryption works IMHO. I just completely waisted my time trying to explain the theory to you. Pity.

_________________
SAN, NAS, RAID, Server, and HDD Data Recovery.


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: July 18th, 2011, 21:04 
Offline

Joined: May 14th, 2011, 17:44
Posts: 22
Location: United
Doomer wrote:
I agree that remembering the password is much better then being mocked but I disagree that fzabkar's post would be helpful at all in this case
Am I the only one who senses double standards here :)
Anyway from what I see you still have no clue how encryption works IMHO. I just completely waisted my time trying to explain the theory to you. Pity.

Well I thanked him because he tried to help without playing smart, and I didn’t say his post was helpful but again he tried to help.

Yes I still don’t know how the encryption works because I’m not that good with hardware; I work better with software and algorithms. And I don’t know which theory you tried to explain, check your posts u didn’t add any useful information. The only one who really helped here, to some extent, is DR-Kiev, he saved me a whole day when he mentioned that the VCD area is stored at the end of the disk not at the beginning.

The real pity is when you look down on people’s trials instead of trying to be helpful, people are not born with knowledge they acquire it through their life just in case you don’t know.


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: July 18th, 2011, 21:12 
Offline
User avatar

Joined: September 29th, 2005, 12:02
Posts: 3362
Location: Chicago
aena9200 wrote:
The real pity is when you look down on people’s trials instead of trying to be helpful, people are not born with knowledge they acquire it through their life just in case you don’t know.

I told you that nothing would help if you don't have/know the password and I told you that a while ago and this might have saved your time but you didn't listen. I tried to add information about how encryption works but apparently that was either too much for you to understand or you didn't believe
And finally you unlocked your drive and with what, not the fancy tools but with pure user password which you remembered and yet you displeased with answers
Pity you don't understand, again

_________________
SAN, NAS, RAID, Server, and HDD Data Recovery.


Top
 Profile  
 
 Post subject: Re: Unlock WD My Book Essential
PostPosted: July 18th, 2011, 21:16 
Offline

Joined: May 14th, 2011, 17:44
Posts: 22
Location: United
Doomer wrote:
I told you that nothing would help if you don't have/know the password ...............

NOT true it is possible to decrypt the drive without the password based on the feedback I got from different DR services, so again that was useless.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 71 posts ]  Go to page Previous  1, 2, 3, 4  Next

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: waqas_ali766 and 49 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group