PCIe gen 1/2: Known plaintext calculation of scrambler state during beginning of waveform #348

azonenberg opened this issue Nov 21, 2020 · 0 comments

Right now, all traffic before the first K28.5 in a waveform isn't decodable, other than TLP/DLLP start/end markers which aren't scrambled.

If we can find something we know to be a logical idle (stream of Dx.x after an END symbol) we know the plaintext is all 0x00s, so we can easily calculate the scrambler key stream. This should allow us to realign the scrambler in both the forward and reverse direction.

@azonenberg azonenberg added the filter Filter graph blocks label Nov 21, 2020
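
The recovery described in the issue, as an added sketch that is not code from the issue or from the project: two consecutive logical-idle symbols expose 16 bits of keystream, which pins down the 16-bit LFSR state, and the LFSR can then be stepped forward or backward from that point. All function names are hypothetical, and the span is assumed to contain only D-characters (no SKP symbols, which do not advance the LFSR).

```cpp
#include <cstdint>
#include <cstddef>
#include <vector>

// PCIe gen 1/2 scrambler LFSR, G(x) = x^16 + x^5 + x^4 + x^3 + 1 (Galois form)
static uint16_t StepForward(uint16_t s) {
    bool msb = (s & 0x8000) != 0;
    s = static_cast<uint16_t>(s << 1);
    return msb ? static_cast<uint16_t>(s ^ 0x0039) : s;
}
static uint16_t StepBackward(uint16_t s) {
    bool msb = (s & 1) != 0;   // bit 0 after a forward step is the old MSB
    if (msb) s ^= 0x0039;
    return static_cast<uint16_t>((s >> 1) | (msb ? 0x8000 : 0));
}
static uint16_t NextSymbol(uint16_t s) { for (int i = 0; i < 8; i++) s = StepForward(s); return s; }
static uint16_t PrevSymbol(uint16_t s) { for (int i = 0; i < 8; i++) s = StepBackward(s); return s; }
// Keystream byte for the current state: bit i of the byte is LFSR bit 15-i
static uint8_t KeyByte(uint16_t s) {
    uint8_t k = 0;
    for (int i = 0; i < 8; i++) if (s & (0x8000 >> i)) k |= static_cast<uint8_t>(1 << i);
    return k;
}
// Two consecutive idle symbols (plaintext 0x00) expose 16 keystream bits.
// Returns the number of states consistent with them (expected: exactly 1).
static int RecoverState(uint8_t c0, uint8_t c1, uint16_t& state) {
    int matches = 0;
    for (uint32_t s = 0; s < 0x10000; s++) {
        uint16_t t = static_cast<uint16_t>(s);
        if (KeyByte(t) == c0 && KeyByte(NextSymbol(t)) == c1) { state = t; matches++; }
    }
    return matches;
}
// Descramble a run of D-characters given the index of the first known idle symbol
static std::vector<uint8_t> DescrambleAround(const std::vector<uint8_t>& c, size_t idle) {
    uint16_t s0 = 0;
    if (idle + 1 >= c.size() || RecoverState(c[idle], c[idle + 1], s0) != 1) return {};
    std::vector<uint8_t> p(c.size());
    uint16_t s = s0;
    for (size_t i = idle; i < c.size(); i++, s = NextSymbol(s)) p[i] = c[i] ^ KeyByte(s);
    s = s0;
    for (size_t i = idle; i-- > 0;) { s = PrevSymbol(s); p[i] = c[i] ^ KeyByte(s); }
    return p;
}
// Reference scrambler, used only to build constructed sample data
static std::vector<uint8_t> Scramble(const std::vector<uint8_t>& p, uint16_t s) {
    std::vector<uint8_t> c;
    for (uint8_t b : p) { c.push_back(b ^ KeyByte(s)); s = NextSymbol(s); }
    return c;
}
```

If the two symbols taken as idle are not actually idle, the recovered state is wrong, so a real decoder would confirm it against further idle symbols before trusting the realignment.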