@@ -42,7 +42,7 @@ The Product Key itself (not to confuse with the RPK) is of form `FFFFF-GGGGG-HHH
4242the alphabet ` BCDFGHJKMPQRTVWXY2346789 ` to exclude any characters that can be easily confused, like ` I ` and ` 1 ` or ` O ` and ` 0 ` .
4343
4444As per the alphabet capacity formula, the key can at most contain 114 bits of information.
45- $$ N = log2 (24^25) ~ 114 $$
45+ $$ N = \log_2 (24^{25}) \approx 114 $$
4646
4747Based on that calculation, we unpack the 114-bit Product Key into 4 ordered segments:
4848
@@ -71,11 +71,13 @@ They differ only slightly. Both curves are defined over the finite field, F<sub>
7171F<sub >2m</sub > assumes $p = 2m$. Microsoft used the latter in their algorithm.
7272
7373An elliptic curve over the finite field F<sub >p</sub > consists of:
74- * a set of integer coordinates ${x, y}$, such that $0 <= x, y < p$;
74+ * a set of integer coordinates ${x, y}$, such that $0 \le x, y < p$;
7575* a set of points $y^2 = x^3 + ax + b \mod p$.
7676
7777** An elliptic curve over F<sub >17</sub > would look like this:**
7878
79+ ![ F17 Elliptic Curve] ( https://user-images.githubusercontent.com/44542704/230788993-d340f63c-7201-4307-a52c-9bf159b99d02.png )
80+
7981The curve consists of the blue points in above image. In practice the "elliptic curves"
8082used in cryptography are "sets of points in square matrix".
8183
@@ -95,9 +97,9 @@ To create the CD-key generation algorithm we must compute the corresponding priv
9597which means we have to reverse-solve the one-way ECC task.
9698
9799Judging by the key exposed in BINK, p is a prime number with a length of ** 384 bits** .
98- The computation difficulty using the most efficient Pollard's Rho algorithm ($O(\sqrtn )$) would be at least $O(2^168)$, but lucky for us,
100+ The computation difficulty using the most efficient Pollard's Rho algorithm ($O(\sqrt{n} )$) would be at least $O(2^{ 168} )$, but lucky for us,
99101Microsoft limited the value of the signature to 55 bits in order to reduce the amount of matching product keys, reducing the difficulty
100- to a far more manageable $O(2^28 )$.
102+ to a far more manageable $O(2^{28} )$.
101103
102104The private key was, of course, conveniently computed before us in just 6 hours on a Celeron 800 machine.
103105
0 commit comments