[ACCEPTED]-How could I guess a checksum algorithm?-crc

Accepted answer
Score: 21

There are a number of variables to consider 21 for a CRC:

No of bits (16 or 32)
Normal (LSB first) or Reverse (MSB first)
Initial value
How the final value is manipulated (e.g. subtracted from 0xffff), or is a constant value

Typical CRCs:

LRC:    Polynomial=0x81; 8 bits; Normal; Initial=0; Final=as calculated
CRC16:  Polynomial=0xa001; 16 bits; Normal; Initial=0; Final=as calculated
CCITT:  Polynomial=0x1021; 16 bits; reverse; Initial=0xffff; Final=0x1d0f
Xmodem: Polynomial=0x1021; 16 bits; reverse; Initial=0; Final=0x1d0f
CRC32:  Polynomial=0xebd88320; 32 bits; Normal; Initial=0xffffffff; Final=inverted value
ZIP32:  Polynomial=0x04c11db7; 32 bits; Normal; Initial=0xffffffff; Final=as calculated

The first thing to 20 do is to get some samples by changing say 19 the last byte. This will assist you to 18 figure out the number of bytes in the CRC.

Is 17 this a "homemade" algorithm. In this case 16 it may take some time. Otherwise try the 15 standard algorithms.

Try changing either 14 the msb or the lsb of the last byte, and 13 see how this changes the CRC. This will 12 give an indication of the direction.

To make 11 it more difficult, there are implementations 10 that manipulate the CRC so that it will 9 not affect the communications medium (protocol).

From 8 your comment about RFID, it implies that 7 the CRC is communications related. Usually 6 CRC16 is used for communications, though 5 CCITT is also used on some systems.

On the 4 other hand, if this is UHF RFID tagging, then 3 there are a few CRC schemes - a 5 bit one 2 and some 16 bit ones. These are documented 1 in the ISO standards and the IPX data sheets.

IPX:  Polynomial=0x8005; 16 bits; Reverse; Initial=0xffff; Final=as calculated
ISO 18000-6B: Polynomial=0x1021; 16 bits; Reverse; Initial=0xffff; Final=as calculated
ISO 18000-6C: Polynomial=0x1021; 16 bits; Reverse; Initial=0xffff; Final=as calculated
    Data must be padded with zeroes to make a multiple of 8 bits
ISO CRC5: Polynomial=custom; 5 bits; Reverse; Initial=0x9; Final=shifted left by 3 bits
    Data must be padded with zeroes to make a multiple of 8 bits
EPC class 1: Polynomial=custom 0x1021; 16 bits; Reverse; Initial=0xffff; Final=post processing of 16 zero bits

Here is your answer!!!!

Having worked through your logs, the CRC is the CCITT one. The first byte 0xd6 is excluded from the CRC.

Score: 2

It might not be a CRC, it might be an error 9 correcting code like Reed-Solomon.

ECC codes 8 are often a substantial fraction of the 7 size of the original data they protect, depending 6 on the error rate they want to handle. If 5 the size of the messages is more than about 4 16 bytes, 2 bytes of ECC wouldn't be enough 3 to be useful. So if the message is large, you're 2 most likely correct that its some sort of 1 CRC.

Score: 2

I'm trying to crack a similar problem here 8 and I found a pretty neat website that will 7 take your file and run checksums on it with 6 47 different algorithms and show the results. If 5 the algorithm used to calculate your checksum 4 is any of these algorithms, you would simply 3 find it among the list of checksums produced 2 with a simple text search.

The website is 1 https://defuse.ca/checksums.htm

Score: 0

You would have to try every possible checksum 7 algorithm and see which one generates the 6 same result. However, there is no guarantee 5 to what content was included in the checksum. For 4 example, some algorithms skip white spaces, which 3 lead to different results.

I really don't 2 see why would somebody want to know that 1 though.

More Related questions