Re: A89: U.S. Encryption Laws

To: assembly-89@lists.ticalc.org
Subject: Re: A89: U.S. Encryption Laws
From: Johan <johei804@student.liu.se>
Date: Fri, 3 Dec 1999 10:56:02 +0100
In-Reply-To: =?iso-8859-1?Q?=3CPine=2EOSF=2E4=2E10=2E9912030854420=2E21661-100000=40s?= =?iso-8859-1?Q?itriini=2Ehut=2Efi=3E=3B_from_Risto_J=E4rvinen_on_Fri=2C_?= =?iso-8859-1?Q?Dec_03=2C_1999_at_09:21:02_+0200?=
References: <38470F83.D8029ACC@drrobin.yi.org> <Pine.OSF.4.10.9912030854420.21661-100000@sitriini.hut.fi>
Reply-To: assembly-89@lists.ticalc.org

On Fri, Dec 03, 1999 at 09:21:02 +0200, Risto Järvinen wrote:
> 
> Hm.  Are the apps actually encrypted?

No, only the signatures are.

> Instead RSA could be used to make a digital signature on programs and the
> calc would refuse to run them.  This wouldn't protect the programs from
> being pirated (you can copy them but they won't run on another calc) but
> it'd let the calculator be exported.

The MD5 algorithm is used to make a digital signature and this signature is
encrypted (by TI) using RSA. The calculator decrypts this and verifies the
checksum, if it doesn't match the app is deleted.

> Plus if calculator actually decrypts something using RSA, it means that it
> has the 'private key', so you could just disassemble the ROM to find it
> out.  Authenticating digital signature needs only the 'public key' while
> signing requires the 'private'.

Right and wrong. It's true that authenticating requires the public key, and
that's why you will *not* find the private key in the ROM. Only TI knows the
private key, and only TI can sign apps/ROMs.

//Johan

Follow-Ups:

Re: A89: U.S. Encryption Laws

From: =?ISO-8859-1?Q?Risto_J=E4rvinen?= <rjarvine@cc.hut.fi>

References:

Re: A89: U.S. Encryption Laws

From: Robin Kirkman <misty@drrobin.yi.org>

Re: A89: U.S. Encryption Laws

From: =?ISO-8859-1?Q?Risto_J=E4rvinen?= <rjarvine@cc.hut.fi>

Prev: Re: A89: U.S. Encryption Laws
Next: RE: A89: Re: How TI's keys work
Index(es):
- Main
- Thread