Difference between revisions of "System Link"
(Split from Network article) |
Mborgerson (talk | contribs) (Add system link patent) |
||
(3 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
=== Secured traffic === | === Secured traffic === | ||
− | Xbox network traffic is secured through [[wikipedia:IPSec|IPSec]]. The implementation appears to be similar to [https://tools.ietf.org/html/rfc3948#section-2.1 | + | Xbox network traffic is secured through [[wikipedia:IPSec|IPSec]]. The implementation appears to be similar to [https://tools.ietf.org/html/rfc3948#section-2.1 RFC 3498, Section 2.1] from 2005 which was co-authored by Microsoft. |
The protocol uses UDP port 3074 which is also registered with the IANA for use in the Xbox[https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=3074]. | The protocol uses UDP port 3074 which is also registered with the IANA for use in the Xbox[https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=3074]. | ||
Each Xbox uses the IP 0.0.0.1, so addressing relies on MAC-addresses{{FIXME|reason=Confirm this}}. | Each Xbox uses the IP 0.0.0.1, so addressing relies on MAC-addresses{{FIXME|reason=Confirm this}}. | ||
− | The specific implementation in the Xbox uses TripleDES ([https://tools.ietf.org/html/rfc1851 | + | The specific implementation in the Xbox uses TripleDES ([https://tools.ietf.org/html/rfc1851 RFC 1851]) for encryption, and SHA1-96 as [[wikipedia:HMAC|HMAC]]. |
==== Key derivation ==== | ==== Key derivation ==== | ||
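Review bot: The link label added in the first changed line reads "RFC 3498, Section 2.1", but the URL it wraps is https://tools.ietf.org/html/rfc3948#section-2.1, so the label and the target disagree. Change the label to RFC 3948 so the rendered text names the document that is actually linked. Separately, in the second changed line, "SHA1-96 as HMAC" would read more clearly if it named the construction in the usual IPsec form.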
Line 69: | Line 69: | ||
| | | | ||
|} | |} | ||
+ | |||
+ | === References and Links === | ||
+ | |||
+ | * [https://hllmn.net/blog/2023-09-18_h1x-net/ Exploring The Halo 1 System Link Protocol] | ||
+ | * [https://www.google.com/patents/US20030093669 Patent: Network architecture for secure communications between two console-based gaming systems] |
Latest revision as of 22:36, 19 December 2024
Secured traffic
Xbox network traffic is secured through IPSec. The implementation appears to be similar to RFC 3948, Section 2.1, from 2005, which was co-authored by Microsoft.
The protocol uses UDP port 3074, which is also registered with the IANA for use in the Xbox[1]. Each Xbox uses the IP 0.0.0.1, so addressing relies on MAC addresses[FIXME].
The specific implementation in the Xbox uses TripleDES (RFC 1851) for encryption, and SHA1-96 as HMAC.
Key derivation
The following keys are involved in generating the actual network crypto-keys:
- XboxLANKey (Kernel export)
- Game specific LAN Key (XBE Certificate Header)
The algorithm to generate the final keys is:
 LAN-Hash_1 = HMAC(XboxLANKey, concatenate(0x00, XBE-LAN-Key))
 LAN-Hash_2 = HMAC(XboxLANKey, concatenate(0x01, XBE-LAN-Key))
 LAN-Hash = concatenate(LAN-Hash_1, LAN-Hash_2)
 LAN-SHA = LAN-Hash_0_to_15
 LAN-DES = XcDESKeyParity(LAN-Hash_16_to_39)
XcDESKeyParity is the same as the respective function in the Xbox kernel.
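The derivation above as a runnable sketch. This is an added example, not code from the Xbox kernel or from this wiki. It assumes that HMAC means HMAC-SHA-1 (which matches the 40-byte LAN-Hash), that XcDESKeyParity applies standard DES odd parity to each byte, and it uses constructed placeholder keys.

```python
import hashlib
import hmac

# Constructed placeholder keys (16 bytes each); real values come from the
# kernel export and the XBE certificate header and are not on this page.
SAMPLE_XBOX_LAN_KEY = bytes(range(0x10, 0x20))
SAMPLE_XBE_LAN_KEY = bytes(range(0xA0, 0xB0))


def des_odd_parity(key: bytes) -> bytes:
    """Stand-in for XcDESKeyParity (assumed: standard DES odd parity).

    The upper seven bits of each byte are kept; the lowest bit is set so
    that the byte holds an odd number of one bits.
    """
    out = bytearray()
    for b in key:
        ones = bin(b >> 1).count("1")
        out.append((b & 0xFE) | (0 if ones % 2 else 1))
    return bytes(out)


def derive_lan_keys(xbox_lan_key: bytes, xbe_lan_key: bytes):
    """Return (LAN-SHA, LAN-DES) following the pseudocode above."""
    # Assumption: HMAC is HMAC-SHA-1 (20-byte output, so LAN-Hash is 40 bytes).
    h1 = hmac.new(xbox_lan_key, b"\x00" + xbe_lan_key, hashlib.sha1).digest()
    h2 = hmac.new(xbox_lan_key, b"\x01" + xbe_lan_key, hashlib.sha1).digest()
    lan_hash = h1 + h2
    lan_sha = lan_hash[0:16]                   # bytes 0..15: HMAC key
    lan_des = des_odd_parity(lan_hash[16:40])  # bytes 16..39: three DES keys
    return lan_sha, lan_des


if __name__ == "__main__":
    sha_key, des_key = derive_lan_keys(SAMPLE_XBOX_LAN_KEY, SAMPLE_XBE_LAN_KEY)
    print("LAN-SHA:", sha_key.hex())
    print("LAN-DES:", des_key.hex())
```

Because the only per-title input is the XBE LAN key, every console running the same title derives the same LAN-SHA and LAN-DES pair.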
Broadcast messages
Because no security association exists for broadcast messages, these are handled differently. A common use case for broadcast messages is a server announce request / response.
Broadcast messages are sent to 255.255.255.255 (MAC address: FF:FF:FF:FF:FF:FF) using SPI 0xFFFFFFFF and Sequence Number 0xFFFFFFFF. A random IV is chosen, but nothing prevents re-using an IV.
Security association
Most messages require an SA between devices[FIXME].
XDK API
[FIXME]
| function | description |
|---|---|
| XNetCreateKey(&xnkid, &xnkey) | |
| XNetRegisterKey(&xnkid, &xnkey) | Register the session key |
| XNetXnAddrToInAddr( pxnaddr, pxnkid, &pseudoIP ) | Convert the address to a winsock usable format |
| XNetUnregisterKey( &xbc.SessionID ) | |
| XNetGetTitleXnAddr( &hostAddr ) | Gets your XNADDR. Used by syslink, and lots of other people. |
| XNetGetEthernetLinkStatus() | |