Cryptocard RB-1 (DES) invalid PIN entry calculation

sebastian nielsen, 10-15-2009, 12:59 AM

I have got hold of a CryptoCard RB-1 Token. (Series 1998)

I initialize the token with the following values:

PIN = 00000000
DES KEY = 0x 40 40 40 40 40 40 40 40 (Plain: @@@@@@@@)

Init sequence:
ON 225371 (Locked) ENT (Options?)
000 -> 000 -> 011 -> ENT (Key1?)
100 -> 100 -> 100 -> 100 -> 100 -> 100 -> 100 -> 100 -> ENT
(C4B738CD) ENT
(New PSC?)
00000000 ENT
(PSC?)
00000000 ENT
(Card OK)

Then I use the token with Correct PIN and challenge:
00000000

I get the response:
741B9700

If I DES-encrypt the ASCII string "00000000" (0x 30 30 30 30 30 30 30
30) with the key "@@@@@@@@" in ECB mode, I get the following result:
0x741B9700C4D59E0B

This means that the token is displaying the value of the truncated
DES result of the challenge in ASCII.

But now comes the question: If I log on to the token with an
incorrect PIN, let's say: 11111111
and perform an authentication, I get for the challenge "00000000":
1A55012B

I tested a different incorrect PIN, got a new response for same
challenge.
I initialized the token with a new key, and attempted PIN 11111111, and
challenge "00000000", and got a new result.

So as long as: The incorrect PIN entered, the key programmed into
token, and challenge is the same, the response is same too....

It seems it obfuscates the response or challenge using something from
the incorrect PIN that was entered, if an incorrect PIN is entered.

How can I calculate the response from:
The incorrect PIN entered
The challenge entered
The DES Key programmed into the token

Does anyone have any idea which algorithm is applied to the challenge
and incorrect PIN when an incorrect PIN is used with the token?

Have also found out that the incorrect PINs:

00000000 (if it would be incorrect), 11111111, 01010101, 11110000 and
so on, would generate the same response.

22222222, 23232323 and 33333333 also generate the same response, same with
4+5, 6+7 and 8+9.

Also found out that if the PIN is specified as a DES key to something,
either as ASCII or some other encoding, the DES response will be same
since the last bit of each byte in a DES key is parity.

So the incorrect PIN is used somewhere as a DES key.


If anyone could find this out for me.
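
The parity observation in the post, as an added example that is not part of the original post: it clears the DES parity bit of each key byte and groups PINs that collapse to the same effective key. It assumes the PIN digits are used as ASCII key bytes (the poster's hypothesis, not confirmed behaviour of the token); the function names and the sample PIN list are constructed for illustration.

```python
from collections import defaultdict

def effective_key(pin: str) -> bytes:
    """Key bytes with the parity (least significant) bit cleared.

    DES uses only the upper 7 bits of each key byte, so two PINs with the
    same result here act as the same DES key.
    Assumption: the PIN is taken as 8 ASCII digits.
    """
    raw = pin.encode("ascii")
    if len(raw) != 8 or not pin.isdigit():
        raise ValueError("expected an 8-digit PIN")
    return bytes(b & 0xFE for b in raw)

def with_odd_parity(key: bytes) -> bytes:
    """Canonical DES key form: bit 0 set so each byte has odd parity."""
    out = bytearray()
    for b in key:
        b &= 0xFE
        if bin(b).count("1") % 2 == 0:
            b |= 1
        out.append(b)
    return bytes(out)

def group_pins(pins):
    """Group PINs by effective key, keeping first-seen order."""
    classes = defaultdict(list)
    for pin in pins:
        classes[effective_key(pin)].append(pin)
    return list(classes.values())

def distinct_pin_keys() -> int:
    """How many different DES keys all 8-digit ASCII PINs can produce."""
    per_digit = len({d & 0xFE for d in b"0123456789"})  # 0/1, 2/3, ... pair up
    return per_digit ** 8

# Constructed sample: the PINs named in the post.
SAMPLE_PINS = ["00000000", "11111111", "01010101", "11110000",
               "22222222", "23232323", "33333333"]

if __name__ == "__main__":
    for group in group_pins(SAMPLE_PINS):
        print(with_odd_parity(effective_key(group[0])).hex(), group)
    print("distinct keys from 8-digit PINs:", distinct_pin_keys())
```

Under that assumption the digit pairs 0/1, 2/3, 4/5, 6/7 and 8/9 are interchangeable in every position, which matches the groupings reported in the post.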
