On Sat, Mar 31, 2007 at 02:30:44PM -0400, mark at mark.mielke.cc wrote:
> To prove this, consider the other approach to "cracking" the RSA
> check: Extract the secret key from the public binaries. Even if the
> module link order is randomized, and the symbol information stripped,
> the client still contains the secret key, and still must access it
> when presented with the RSA check. Tracing execution of the client, or
> disassembling a stripped binary may be beyond many people. It is not
> beyond all people. The secret key is widely distributed in every blessed
> Netrek client.

This is not how RES-RSA works.  RES-RSA creates a functional
representation (blackbox) of the RSA algorithm specific to the client's
secret key, so it does not embed the secret key verbatim in the binary,
and the secret key is never reconstructed at runtime.  I believe that
the functional representation can be reverse engineered to recover the
secret key, but this has never been mathematically proven.  There are
far more effective ways to break RES-RSA than trying to recover the key
from a blessed binary.
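As an added illustration (this is not code from the thread, and it is not RES-RSA's actual construction): a toy in which the private exponent is compiled into the control flow of a generated function rather than stored as a literal, alongside the obvious way to read that exponent back out of the generated code. The primes, the public exponent, the challenge/response shape and the function names are assumptions chosen for the example; the modulus is far too small for real use, and `pow(e, -1, phi)` needs Python 3.8 or later.

```python
"""Toy model of a key-specialized RSA responder, added for illustration.

This is NOT RES-RSA's construction.  It only makes concrete the idea the
thread discusses: the private exponent d is not stored as a constant but
baked into the control flow of a generated function (square-and-multiply
unrolled bit by bit), and such a representation can be read back to
recover d.  Parameters below (primes, e, challenge) are assumptions for
the example and are far too small for real use.
"""
import secrets

# Assumed toy key material: two small primes and the usual public exponent.
P, Q, E = 104729, 1299709, 65537


def toy_keypair(p=P, q=Q, e=E):
    """Return (e, d, n).  Requires Python 3.8+ for pow(e, -1, phi)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)
    return e, d, n


def specialize(d, n):
    """Emit Python source for respond(x) == pow(x, d, n) with d unrolled.

    Left-to-right square-and-multiply: every bit of d becomes a squaring
    step, and each 1 bit additionally becomes a multiply-by-x step.  The
    value of d never appears as a literal in the emitted code.
    """
    lines = [f"def respond(x, n={n}):", "    r = 1"]
    for bit in bin(d)[2:]:
        lines.append("    r = r * r % n")
        if bit == "1":
            lines.append("    r = r * x % n")
    lines.append("    return r")
    return "\n".join(lines) + "\n"


def load_blackbox(src):
    """Compile the generated source and return its respond() function."""
    namespace = {}
    exec(src, namespace)  # trusted, self-generated source only
    return namespace["respond"]


def key_literal_present(src, d):
    """True if d appears verbatim (decimal or hex) in the generated code."""
    return str(d) in src or hex(d) in src


def recover_exponent(src):
    """Reverse-engineer d from the specialized code.

    Each squaring step is one bit (initially 0); a multiply step that
    follows it sets that bit to 1.  In this toy the operation sequence
    simply *is* the key.
    """
    bits = []
    for line in src.splitlines():
        line = line.strip()
        if line == "r = r * r % n":
            bits.append("0")
        elif line == "r = r * x % n":
            bits[-1] = "1"
    return int("".join(bits), 2)


def server_verify(respond, e, n, challenge=None):
    """Simplified challenge/response (an assumed shape, not Netrek's wire
    format): the server picks a random challenge, the client answers with
    the black box, and the server checks the answer with the public key."""
    if challenge is None:
        challenge = secrets.randbelow(n)
    answer = respond(challenge)
    return pow(answer, e, n) == challenge


if __name__ == "__main__":
    e, d, n = toy_keypair()
    src = specialize(d, n)
    respond = load_blackbox(src)
    print("key literal present in generated code:", key_literal_present(src, d))
    print("server accepts response:", server_verify(respond, e, n))
    print("exponent recovered from code:", recover_exponent(src) == d)
```

The toy deliberately uses the most transparent specialization, so `recover_exponent` is trivial; a real functional representation is obfuscated far more heavily, and whether it can always be inverted is exactly the open question the reply raises.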