Difference between revisions of "Nonce"

Revision as of 20:53, 7 December 2011

Nonce is a signing method that randomizes Apple's cryptographic signature hash blobs (SHSH blobs) and is used with the BBTicket (baseband signing ticket) and the APTicket (firmware signing ticket).

Method

The device bootloaders (baseband or firmware) generate a random number at the restore, then send them to iTunes which sends them to Apple. Then Apple sends the APTicket / BBTicket SHSH certificate with the number generated. This level is the most critical: the number within the certificate is matched to the number generated on device, and if they match iTunes will prepare the matched certificate and finally will stitch the randomized blobs to the firmware. If the blobs don't match the restore will fail and the bootloaders will reject the certificate.

Usage

BBTicket

No iPod touch (or iPad Wi-Fi) has been signed with the BBTicket, since by definition it has no baseband.
iPhone 2G (bootloaders can be neutered to cancel this signchecks). iPhone 3G, iPhone 3GS and iPad Wi-Fi+3G - if the baseband is higher or equal (or just higher on bootloader 3.9 on iPhone 2G). Some bootloaders allow downgrade of the baseband if it is still signed.
iPhone 4 GSM, iPhone 4 CDMA, iPhone 4S, and iPad 2 Wi-Fi+3G (GSM) and iPad 2 Wi-Fi+CDMA - AT+XNONCE - restores the baseband only if Apple is still signing it. On bootloaders 2.8, 2.13, Trek and Phoenix, both the AT+XNONCE and the "higher or equal" checks happen.

APTicket

Devices with the S5L8900 get SHSH blobs without APTicket on 4.0 - 4.2.1, even though they are not required and can be avoided with Pwnage+Pwnage 2.0.
Devices with the S5L8720 get SHSH blobs without APTicket from 3.1.1 and on, even though iBoot-240.4 doesn't require them and they can be avoided with 24kpwn
Devices with the S5L8920, S5L8922, S5L8930 and S5L8940 got SHSH blobs without APTicket between 3.0 - 4.3.5, and they can not be avoided (except for the iBoot-359.3 with 24kpwn)
Devices with the S5L8920, S5L8922, S5L8930 and S5L8940 get APTicket SHSH blobs on 5.0+, and they can not be avoided (except for the iBoot-359.3 with 24kpwn)

Jailbreak difficulties

With nonce signatures, signatures can't be cached, because signatures will not match if they have been reused. In other words, the widely used replay attack is no longer possible.

@@ Line 1: / Line 1: @@
-'''Nonce''' is a signing method that randomizes Apple's cryptographic Signature Hash blobs (SHSH blobs) and is used with the BBTicket (Baseband signging ticket) and the APTicket (firmware signing ticket).
+'''Nonce''' is a signing method that randomizes Apple's cryptographic signature hash blobs ([[SHSH]] blobs) and is used with the BBTicket (baseband signing ticket) and the APTicket (firmware signing ticket).
 ==Method==
-The device Bootloaders (Baseband or firmware) generate a random number at the restore, then send them to iTunes which sends them to Apple. Then Apple sends the APTicket/BBTicket SHSH certificate with the number generated. This level is the most critical: the number within the certificate is matched to the number generated on device, and if they match iTunes will prepare the matched certificate and finally will stitch the randomized blobs to the firmware. If the blobs dont match the restore will fail and the bootloaders will reject the certificate.
+The device bootloaders (baseband or firmware) generate a random number at the restore, then send them to iTunes which sends them to Apple. Then Apple sends the APTicket / BBTicket [[SHSH]] certificate with the number generated. This level is the most critical: the number within the certificate is matched to the number generated on device, and if they match iTunes will prepare the matched certificate and finally will stitch the randomized blobs to the firmware. If the blobs don't match the restore will fail and the bootloaders will reject the certificate.
-==use==
+==Usage==
-===BBTicket==
+===BBTicket===
-*No iPod touch (or iPad Wi-Fi) has been signed with the BBTicket, since by definition it has no Baseband.
+*No iPod touch (or iPad Wi-Fi) has been signed with the BBTicket, since by definition it has no baseband.
-*[[M68ap|iPhone 2G]] (bootloaders can be neutered to cancel this signchecks). [[N82ap|iPhone 3G]], [[N88ap|iPhone 3GS]] and [[K48ap|iPad Wi-Fi+3G]]- If the baseband is higher or equal (or just higher on bootloader 3.9 on iPhone 2G). Some bootloaders allow downgrade of the baseband if it is still signed.
+*[[M68ap|iPhone 2G]] (bootloaders can be neutered to cancel this signchecks). [[N82ap|iPhone 3G]], [[N88ap|iPhone 3GS]] and [[K48ap|iPad Wi-Fi+3G]] - if the baseband is higher or equal (or just higher on bootloader 3.9 on iPhone 2G). Some bootloaders allow downgrade of the baseband if it is still signed.
-*[[N90ap|iPhone 4 GSM]], [[N92ap|iPhone 4 CDMA]], [[N94ap|iPhone 4S]], and [[K94ap|iPad 2 Wi-Fi+3G (GSM)]] and [[K95ap|iPad 2 Wi-Fi+CDMA]]- [[at+xnonce]]- Restores the baseband only if apple is still signing it. On bootloaders 2.8, 2.13,Trek and Phoenix, Both the at+xnonce and the "higher or equal" checks happen.
+*[[N90ap|iPhone 4 GSM]], [[N92ap|iPhone 4 CDMA]], [[N94ap|iPhone 4S]], and [[K94ap|iPad 2 Wi-Fi+3G (GSM)]] and [[K95ap|iPad 2 Wi-Fi+CDMA]] - [[AT+XNONCE]] - restores the baseband only if Apple is still signing it. On bootloaders 2.8, 2.13, Trek and Phoenix, both the [[AT+XNONCE]] and the "higher or equal" checks happen.
-===APTicket==
+===APTicket===
-*Devices with the [[S5L8900]] get SHSH blobs without APTicket on 4.0-4.2.1, even though they are not required and can be avoided with [[Pwnage]]+[[Pwnage 2.0]].
+*Devices with the [[S5L8900]] get [[SHSH]] blobs without APTicket on 4.0 - 4.2.1, even though they are not required and can be avoided with [[Pwnage]]+[[Pwnage 2.0]].
-*Devices with the [[S5L8720]] get SHSH blobs without APTicket from 3.1.1 and on, even though [[iBoot-240.4]] doesn't require them and they can be avoided with [[24kpwn]]
+*Devices with the [[S5L8720]] get [[SHSH]] blobs without APTicket from 3.1.1 and on, even though [[iBoot-240.4]] doesn't require them and they can be avoided with [[24kpwn]]
-*Devices with the [[S5L8920]],[[S5L8922]], [[S5L8930]] and [[S5L8940]] got SHSH blobs without APTicket between 3.0-4.3.5,and they can not be avoided (except for the [[iBoot-359.3]] with 24kpwn)
+*Devices with the [[S5L8920]], [[S5L8922]], [[S5L8930]] and [[S5L8940]] got [[SHSH]] blobs without APTicket between 3.0 - 4.3.5, and they can not be avoided (except for the [[iBoot-359.3]] with 24kpwn)
-*Devices with the [[S5L8920]],[[S5L8922]], [[S5L8930]] and [[S5L8940]] get APTicket SHSH blobs on 5.0+ ,and they can not be avoided (except for the [[iBoot-359.3]] with 24kpwn)
+*Devices with the [[S5L8920]], [[S5L8922]], [[S5L8930]] and [[S5L8940]] get APTicket SHSH blobs on 5.0+, and they can not be avoided (except for the [[iBoot-359.3]] with 24kpwn)
---Jailbreak difficulties==
+==Jailbreak difficulties==
-With nonce signtures, signatures can't be cached, because signatures will not match if they have been reused.
+With nonce signatures, signatures can't be cached, because signatures will not match if they have been reused. In other words, the widely used replay attack is no longer possible.
+==See also==
+*[[AT+XNONCE]]

Difference between revisions of "Nonce"

Revision as of 20:53, 7 December 2011

Contents

Method

Usage

BBTicket

APTicket

Jailbreak difficulties

See also

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Miscellaneous

Tools