Re: Interpret Input Stream from Stars?

ime@xxxxxxxxx (Randy Hudson) writes:

In article <1141057143$744467@xxxxxxxxxxxx>,
JSeligstein <joel@xxxxxxxxxxxxxx> wrote:

Has anyone successfully interpreted the PokerStars input stream as cards?  I
don't care about actions, just cards.  If so, please respond or drop me an
email.

The stream is encoded with SSL; you'd need the key to decode it. The key
isn't well-protected, since the pokerstars client uses it to decode that
stream itself, and you've got a copy of the client on your machine.

If that were true, SSL wouldn't be in the least bit secure.

SSL uses public key encryption to exchange session keys to a symmetric
encryption algorithm. The public key is well known, which is necessary
to connect to the server. The client generates a session master key and
sends it encrypted using the public key. Only a server that holds a copy
of the private key will be able to decrypt that master key.

Knowing the public key doesn't help you to break the encryption - you'd
need the private key for that, which needless to say isn't available to
you.

But, it might be easier to just watch the Windows messages; the client
uses BitBlt messages to paste the card images on the screen, and each
card has a unique BitBlt source address.

This bit makes sense, though. In fact, controlling the machine that is
generating the master key is probably enough to make all sorts of
attacks on the SSL encryption, too, by tracing what is happening before
the encrypted data leaves on the network, but it's not because the
public key is on that machine.

--
Keith Willoughby http://flat222.org/keith/
"on day release from hopelessness"
.

Relevant Pages

  • Re: Secret Court Modified Bush Wiretap Requests
    ... Well, I want the strongest encryption I ... Think about how public key encryption works. ... Not very useful for a newsgroup. ... stream of news as it came along. ...
    (comp.dcom.telecom)
  • Re: My credit card details have been sent in the clear!
    ... Giulio Cespuglio wrote: ... I don't know much about SSL, ... the seller knows your public key. ... SSL uses asymmetric encryption only to start the encryption ...
    (comp.security.misc)
  • Re: Security Basic Concept
    ... > basics of encrypting data vs. SSL. ... > that and just plain old data encryption. ... > decrypt it with the private key. ... Basically, with public key encryption, you generate a key pair: ...
    (microsoft.public.security)
  • Re: Encrypted network communication
    ... Bob) communicate over an insecure channel. ... This type of encryption uses a single shared, ... Secret-key encryption algorithms use a single secret key to encrypt and ... unauthorized users and a public key that can be made public to anyone. ...
    (microsoft.public.dotnet.languages.csharp)
  • RE: PGP scripting...
    ... cryptosystems, ... In these systems divulging your private key compromises the public ... Here is a quick over view of the public key encryption routines (the ...
    (SecProg)