What is NAGRA 2..read here


Unregistered guest
Nagra2 is not as tough as people think, Its tougher.

What is Nagra2?

Its the newest encryption system by the Kudelski group.

From there site:

Nagravision CA solutions allow television operators and content providers to:
• Protect revenue by restricting access only to paying subscribers
• Scale and upgrade their system to match business
• Increase average revenue per user by adding new
• Benefit from a robust, simple to operate system that is extremely secure
• Minimize costs of deployment and limit implementation risk.

Aladin and MediaGuard CA further address new market opportunities by enabling operators to introduce innovative concepts such as:
• Basic encryption providing authorization and authentication functionalities for the transition of the operators'subscriber base from analog to digital
• Disposable smart cards containing access rights to selected high value content for a limited period of time
• DVR based services enabling the introduction of
content on demand services to generate new revenue

I have lost most or all of my channels, will I ever get them back as I miss my PPV, Starz and Po*rn?

Good question, not easily answered. but maybe one day. Not now or in the near future, just wait it out.

Will it ever be hacked?

Eventually but it will require vast resources of money and capable people.

Will my Fta receiver work after Nagra2 takes over?

No, absolutely not, contrary to what FTA dealers will tell you, No FTA receiver will work.

Will my Atmega, AVR or Rom 2,3,10 or 11 work after Nagra2 takes over?

Unfortunately, NO it will not. it cant be any simpler than that.

Is it possible to program the new N2 cards yet?

No, not at this time

Before you listen to anyone who claims to know anything, heed this advice.

There is no known P4/P5 hack, there is no known Nagra2/Alladin hack, anyone who says there is just wants to screw you out of your hard earned money!!!

Some technical thoughts:

Nagra 2: The $07 and $1C commands - A technical discussion


First off, this discussion is directed to the handful of real technical experts out there. The layman is also welcome to read this thread for it
will give him a realistic picture of the new encryption technology, but he should refrain from participating in this discussion if he has
nothing of technical merit to contribute. Otherwise, this thread will degenerate into useless rambling.

I decided to post my findings because there is so much mis-information out there. There has been much talk recently that Nagra 2 is an impenetrable fortress that will never be
compromised, much like the P4 card. At any rate, that is the prevailing view among the layman. Perhaps this thread will enlighten many of you.

Anyone who has logged the Nagra 2 datastream and compared it to the Nagra 1 datastream will be astonished - nothing much has changed! Some
of the commands have been renamed and slightly re-formatted. Why were the commands re-named? Most likely so that a Nagra 1 card wouldn't get
confused with commands directed to the Nagra 2 card and vice-versa,while both the Nagra 1 and 2 streams were active together.

Now, there are some commands that come down in plaintext and others that are encrypted. The plaintext commands are trivial and can be easily
emulated for both Nagra 1 and 2 and we won't bother discussing them. The encrypted commands are $04, $07 and $1C for Nagra 2. (The corresponding ones for Nagra 1 are $00, $03 and $13).

We can completely ignore command $04 because it only provides updates to the card that are not critical to generating video. This was the purpose of the $00 command in Nagra 1 and as many of you know, when you put blocker code on your Nagra 1 cards, you are simply ignoring command $00, but you still get video!

So, that just leaves commands $07 and $1C. Since this is the heart of the Nagra 2 encryption, it is quite astonishing that nobody has much to
say about these commands even when the demise of Nagra 1 is upon us.

Well, here is where the discussion gets more technical, so do try to follow along.

Technical Discussion: Command $07

Well, it would help if we all knew what a command $07 looks like, so here is a recent log of that command:

21 00 4D ; A0 CA 00 00 ;Standard Header
47 ;Instruction Length
07 ;Command
45 ;Command Data Length
01 01 ;System ID
86 00 08 ;ECM Type, Key Select
xx xx xx xx xx xx xx xx ;Valid Hash (Signature)
xx xx xx xx xx xx xx xx ;Encrypted Packet 1
xx xx xx xx xx xx xx xx ;Encrypted Packet 2
xx xx xx xx xx xx xx xx ;Encrypted Packet 3
xx xx xx xx xx xx xx xx ;Encrypted Packet 4
xx xx xx xx xx xx xx xx ;Encrypted Packet 5
xx xx xx xx xx xx xx xx ;Encrypted Packet 6
xx xx xx xx xx xx xx xx ;Encrypted Packet 7
02 ;Expected Response Length
cs ;Checksum

And the standard response from the card:

12 00 04 ; 87 ;Standard Response Header
00 ;Response Code Length
90 00 ;SW1/SW2
53 ;Checksum

Well, for those of you who are familiar with Nagra 1, it looks exactly the same as the $03 command except we have 7 encrypted packets instead of 4. The first question we need to ask is why are there 3 more packets?
The answer, as you will see later on when we discuss the $1C command is that 6 control words ?? are being sent as opposed to 2 in the Nagra 1 setup. So, we would expect 4 more encrypted packets over the original 4
in Nagra 1. But that would be a total of 8 packets and not 7? But remember, with Nagra 1, there were some pad bytes that they are probably
now using for the extra control words. So 7 encrypted packets sounds about right.

Now, what is the encryption being used? We can certainly rule out 64 byte RSA because there are only 56 bytes of data. So it has to be a
block cipher that operates on 8 bytes or 64 bits at a time. We can rule out any block ciphers that operate on 16 bytes or 128 bits at a time
because we have 7 packets and not 8.

So what are the cipher candidates? DES, 3-DES, IDEA. There are other candidates like Lucifer, Madryga, NewDES, FEAL, etc. The problem with
these latter ciphers is that they have either been proven unreliable or simply aren't widely implemented on silicon.

I am hesitant to even include IDEA in the list because there has been no rush by industry to adopt it as a replacement to DES and a commercial
license must be granted by the inventors for its use. IDEA also uses a 128 bit key and operates on 64 bits of data. Also, patents filed by
Kudelski indicate a 64 bit ECM key and not 128 bit.

Many in the testing community have suggested that 128 bit IDEA is being used. Yet, they have not offered any proof of this. They are welcome to
substantiate their claims here.

This writer believes that DES or variation of DES such as 3-DES is being used, similar to Nagra 1. Why would they change this encryption
algorithm when it was never compromised? I mean everyone was getting the DES keys from card dumps and NOT from a genuine attack on the DES
algorithm. It would be like a shopowner installing a bigger lock on his shop door after burglars broke in through the window...he would be better off putting bars on the window instead.

Also, they had the DES crypto-processor in silicon already and my hunch is that they simply built around the Nagra 1 card.

Put very simply: If you can't get the DES keys in a roundabout way, DES is quite secure. And at this time, nobody can get the DES keys!

One way to settle this matter would be to perform a statistical power analysis of both Nagra 1 and 2 chips while they are decrypting $03 and
$07 commands. If there 16 rounds of decryption, then it is DES. IF there are 8 rounds, then IDEA. If there are 48 rounds, then 3-DES. These
patterns will be clear during the test. A secondary test, although less conclusive would be a to simply time the execution of the $03 and $07
commands. IDEA takes only half the time to execute on average.

If anyone has more information about the block cipher or about command $07, please feel free to post. We really can't go any further until we
know the block cipher with certainty.

But the $1C command is much more interesting and easier to break! Keep reading...

Technical Discussion: Command $1C

This command is used to encrypt the control words and send them to the IRD. It is the counterpart to the $13 command in Nagra 1. It is slightly
different in format to the $13 command, which led us to our observations about the extra 3 packets in the $07 command.


Unregistered guest
Here is a log of the $1C command:

21 00 08 ; A0 CA 00 00 ;Standard Header
02 ;Instruction Length
1C ;Command
00 36 ;Response Length
cs ;Checksum

And the response from the Nagra 2 card

12 00 38 ; 9C 34 ;Standard Response Header
00 08 ;Control Select? Filler?
aa aa aa aa aa aa aa aa ;Control Word 1a
bb bb bb bb bb bb bb bb ;COntrol Word 1b
cc cc cc cc cc cc cc cc ;Control Word 1c
00 08 ;Control Select? Filler?
AA AA AA AA AA AA AA AA ;Control Word 2A
BB BB BB BB BB BB BB BB ;Control Word 2B
CC CC CC CC CC CC CC CC ;Control Word 2C
90 00 ;SW1/SW2
cs ;Checksum

The response is exactly as expected from the Nagra 1 card except Control Words 1b, 1c, 2B and 2C are new! Now, since the control words come down in the $07 command, we are justfied in assuming the extra 3 packets in the $07 command are simply these extra control words coming down. These extra "control words" must be important or they would not be added to the $07 payload!

What are these extra control words and why are they there? The Mpeg-2 stream only needs 2 control words to be descrambled. Perhaps the extra "control words" are for future use on the Mpeg-4 stream. If there are any experts on the Mpeg-4 digital format, please enlighten us on the use of control words in Mpeg-4. As far as I know, there is an extra DEFAULT control word, in addition to the ODD/EVEN control words used in Mpeg-2.

Although we are not entirely certain that these extra "control words" are really control words, we shall call them by that name. We are certain that 2 of the 6 are indeed control words, or otherwise, the current MPEG-2 stream could not be descrambled.

Now, lets discuss the encryption used by $1C. First off, the encryption used by Nagra 1 and command $13 was DES and the 64 bit key used for
encryption was the infamous IRD boxkey. Whatever the encryption for command $1C, the IRD boxkey is still being used as anyone can confirm by
changing the IRD boxkey on a subbed Nagra 2 IRD. The result will be a black screen. Furthermore, one can easily clone receivers and still use
a valid Nagra 2 card.

IDEA has been proposed as the new encryption schema here too, but no proof has been given. Nobody has publicly disassembled the firmware and
reverse engineered the algorithm. If IDEA is not being used on the $07 command, it definitely not be used on a much less sensitive command like
$1C. Again, thos who claim IDEA is being used are welcome to offer proof.

It is the opinion of this writer that DES or a variation of DES is being used. I am led to believe this because I have not succeeded in finding the S-box constants in any IRD TSOP dumps...leading me to believe that
DES decryption is being done by a dedicated crypto-processor inside the IRD. A card swap does not mean any chips inside the IRD are changing...so unless an IDEA chip already existed in all IRDs (farfetched, but possible), they would have to implement IDEA in software and that would give the inner workigs of the algorithm away.

If anyone knows where the S-Box constants are stored, please tell us and that would settle this matter.

There has been some talk about a "secondary key" in some model IRDs. This supposedly prevents receiver cloning as both the boxkey and various "secondary key" have to be known. Some have argued that this supports the hypothesis of IDEA being used with a 16 byte key. However,
any secondary or tertiary keys may also be used in 3-DES or some variant. The model IRDs I have examined do not seem to have any "extra" keys.

The decryption process of the $1C command should not be too hard to break, and I expect it to be broken first. It would be the first step
towards a married-sub solution.

More than likely, what is happening is the 6 "control words" are being decrypted using DES and then combined using basic logic functions to
come up with the "valid" 2 control words that we were all used to with Nagra 1.

For if they sent down only 2 control words in Nagra 2, we could compare them with the known 2 control words being used by Nagra 1 and quickly
break the cipher. Hence, the most logical reason for 6 "control words" is confusion.

Something to try: If anyone is running an emulation setup for Nagra 2,they could try changing control words 1b, 1c, 1B, 1C or, any combination thereof, before sending them to the IRD and see what difference it makes. Are you still getting video?

So folks, that is a realistic view of Nagra 2...it is one of the simplest Conditional Access systems around, but, when you don't have the
cipher keys, one of the most complex too
Command $1C - Important Observations

In our previous post we mentioned that the response to the $1C command included 6 encrypted packets. We concluded that 2 of these packets had
to be control words. For lack of a better name, we called these packets "control words" 1a, 1b, 1c, 1A, 1B, 1C.

Some tests were done and we have confirmed that "control words" 1b,1c,1B and 1C do absolutely nothing. In fact, these packets were "zeroed out" and only 1a, 1A were returned to the IRD in the original format for processing. The IRD did not complain and video was generated as usual without interruption. If 1a or 1A were modified, then video disappeared. So this proves that the real Control Words are 1a and 1A.
The other packets, at least for the moment, are not being utilized for any obvious purpose.

We can only speculate as to their purpose. Someone mentioned that Nagra2 doesn't have the equivalent of an $02 command...Perhaps the additional 4 packets in response to $1C will be used in MECM logic operations on the 2 real control words sometime in the future??

It has also been proven (by using an AVR in blocker mode) that command $04 is currently not relavent to generating video. So this is a fact and doesn't need to validated as someone suggested.

So, it looks like the response to command $1C is now exactly the same as the old $13 command in Nagra 1. I am almost positive DES is being used
on the 2 valid control words. If someone has disassembled the IRD firmware and found evidence of IDEA being implemented...it may have something to do with the other 4 packets. Please PM me your findings, as I would be very interested in any IRD disassembly, but unfortunately don't have the time to look into this myself!

As for command $07, firmware disassembly will not reveal the encryption algorithm because the IRD never processes command $07.

Brief introduction
There are a great many misconceptions out there about how vulnerable Pretty Good Privacy is to attack. This FAQ is designed to shed some light on the subject. It is not an introduction to PGP or cryptography. If you are not at least conversationally versed in either topic, readers are directed to The Infinity Concept issue 1, and the sci.crypt FAQ. Both documents are available via ftp from infonexus.com. This document can be found there as well.

PGP is a hybrid cryptosystem. It is made up of 4 cryptographic elements: It contains a symmetric cipher (IDEA), an asymmetric cipher (RSA), a one-way hash (MD5), and a random number generator (Which is two-headed, actually: it samples entropy from the user and then uses that to seed a PRNG). Each is subject to a different form of attack.


Commands structure Breakdown

Nagra1 Nagra2 Function

------ ------ ------------------------------------------------------

$00 $04 Entitlement Management Message (EMM)

$01 $xx PPV Entitlement Management Message

$02 $xx MECM key update

$03 $07 Entitlement Control Message

$12 $12 Serial Number Request

$13 $1C Control Word Request (video decryption key request)

$14 $15 Processing cycle request

$20 $22 Data items available request

$21 $22 Data item request

$30 $xx Request for encryption of data to be sent in callback

$31 $xx Request for data encrypted by previous command $30

$40 $xx EEPROM data space available request

$41 $xx PPV buy write

$42 $xx PPV buy link

$55 $xx Read email

$56 $xx Delete email

$60 $xx Get IRD command

$61 $64 Write IRD info

$99 $xx Anti-piracy message

$C0 $C0 CAM status request

$C1 $C7 Request for ID of updated data items

-------------------------------------------------------------------------------- --------------------------------------------------

CLICK HERE For More NAGRA2 Info(Page2)

There is no known P4/P5 hack, there is no known Nagra2/Alladin hack, anyone who says there is just wants to screw you out of your hard earned money!!!

Click Here for the Nagra2 Patent Application (Public Documents)

What is Satellite TV and how does it Work?

This is taken from www.nagra2. org


Unregistered guest
Throw away or get rid of those FTA"S pieces of JUNK.Peeps there good for nothing in a while.nN2 WONT work.well maybe and its a big maybe the dreambox is about it.get rid of them and get a 2700 model it will work for the new 101 yellow card fix which will be out shortly.

do not buy from www.securedish.net
they scamed me

Unregistered guest
Should of known better, you dumb_ass, with all the warnings, and you still got scammed. Damn.
« Previous Thread Next Thread »

Main Forums

Today's Posts

Forum Help

Follow Us