Timeline for Could a CRC-15 CAN be transformed into 8 bytes in an embedded system?
Current License: CC BY-SA 4.0
10 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Mar 18 at 3:38 | answer | added | Jasen Слава Україні | timeline score: 2 | |
| Mar 17 at 15:29 | answer | added | Mike James | timeline score: 1 | |
| Mar 17 at 15:10 | comment | added | Lundin | On any CRC code using a look-up table of some sort, you aren't likely to find the actual polynomial in the source. | |
| Mar 17 at 13:15 | answer | added | Kuba hasn't forgotten Monica | timeline score: 2 | |
| Mar 17 at 13:13 | comment | added | Kuba hasn't forgotten Monica | Of course, that table may just be a decoy to thwart reverse-engineering. Without a debug session or deeper reverse-engineering you won't know if the table is ever used. | |
| Mar 17 at 13:11 | comment | added | Kuba hasn't forgotten Monica | You have access to the firmware, and presumably know of IDA Pro and Ghidra. So, you should be able to answer all of those questions much better than we can. As for the methods: it's whatever someone can come up with, just to make it harder to reverse engineer. In my experience, to stump very basic attempts it's sufficient to use a non-standard CRC polynomial, and a non-standard CRC length, say 19 bits. You can presumably also run the firmware with a debugger and set breakpoints on access to the CRC lookup table. That will lead you to the CRC routine in the code. | |
| Mar 17 at 13:07 | history | edited | toolic | CC BY-SA 4.0 | added 16 characters in body |
| Mar 17 at 13:00 | comment | added | Justme | Anything is possible. I think the question might be unanswerable or too broad. Software can do anything it wants to some bytes and transmit them. | |
| S Mar 17 at 12:48 | review | First questions | |||
| Mar 17 at 13:07 | |||||
| S Mar 17 at 12:48 | history | asked | Charles | CC BY-SA 4.0 |