Written by Evilcry.

This paper will have the usual classical style of a CryptoReversing Approach, what we going talk about are the ECC also known as Elliptic Curve Cryptography; after a theorial study we will fly to the most common Secured Software Applications with a touch of Hardware Security.ware.

• Ida
• Ollydbg
• A good background of math 'n Cryptography

1. Basic Intro
2. Introduction To Elliptic Curve Cryptography
3. Basic Math Background - Group Theory
4. Basic Math Background - Finite Field Arithmetic
5. Generalized Discrete Logarithm Problem
6. What Elliptic Curves are
7. Elliptic Curves in Cryptography
8. Elliptic Curve Arithmetic
9. Pratical Elliptic Curves Operations Sample
10. Foundamental Features of EC, and pratical ECC generation
11. Elliptic Curves Cryptographic Applications
12. Basic ECC Architecture Considerations
13. The Elliptic Curve Discrete Logarithm Problem and ECC Attacks
14. The Elliptic Curve Digital Signature Algorithm
15. A Reverse Engineering Approach
16. ECDLP and Schoof Solving, for Security Patterns

KeygenMe 10 by WiteG

Basic Intro

Why a Reverser should study Cryptography?..many people "erroneously" have the bad "abit" to consider these two disciplines as isolated, but as you will see in the Professional or Recreational Reversing, also the analysis of the most easy and unknown algorithm is done in the same manner, with the same basical assumption and concepts for the inveribility. In Cryptography we will deal with most complex mathematical systems and with more "refined" reversing techniques but..as you will see the Resolution Pattern will be always the same.

Today many many Professional Protections bases their security upon Crypographic Algorithms of various kind, and also a big part of the future SSHR (Security-Software/Hardware-Research) will be directed (verso) the realization of Complex Systems of crypthographical algorithms, mantained by Purely Mathematical algorithms, and little by little we will need more complex Algebraic Attacks.

Actually the Research is working on new Full Cryptographic Chips, Hardened USBs and other Hardware that are builded to run specifically a Crypto Algorithm.

It's necessary to make some other distinction when we talk about Hardware Cryptography, we have two common systems for the "Efficient" Computation of an Algorithm:

ASIC Devices: Application Specific Integrated Circuit, that are specifically builded for Maximum Risk Applications, their power is the Efficiency and algorithm can't be changed after the producion.

FPGA devices: Field Programmable Gate Arrays, which contains arrays of computational elements obtained with a restricted set of instructions. These elements are called Logical Blocks and are connected with a set of Routing Resources that could be programmed.

In this last period many security studies on FPGA, revealed us some Complex Attacks that could be performed, i'm talking about Techniques of FPGA Exploitation but (s)fortunately this field is not for all :)

Finally..some consideration..there are many yet implemented Algos, such as: AES, RSA and ECC. The most intersting in my opinion are the ECC, because they offers a level of security similar to RSA with truly little KeySizes, and this is a big quality for Hardware devices, ECC are also fast, and are necessary little Certificates! (a foundamental point in mass hardware..PDA, SmartCards, Phones)

Quindi, conoscendo approfonditamente le possibilità di analisi e Reverse su software, anche se a livello implementativamente diverso, abbiamo lo stesso metodo di analisi necessario per lavorare anche sull'hardware.

Introduction To Elliptic Curve Cryptography

The Public Key Cryptosystems most used, are one based on factorizzation (RSA) and upon Discrete Logarithm Problem (Diffie-Hellman, ElGamal, Schnorr, DES). These Algos make possible, trusted communiations over insecure channels. There are various alternative secure communication systems, one of the is the Cryptography Based on Elliptic Curves or more easly ECC, they became a Main Stream, and this thanks to the numerous advantages that ECC can offers, in easy words extreme flexibility!. We have many proposed Elliptic Curves for PKC, some of them based on factorization problem, others on DLP. It's important to talk about the foundamental differences between the two "framework", factorization is essentially an Accademical and except little KeySizes there are no big differences with RSA.

More intersting are ECC based on DLP, because the security of these algorithms depends on the redefinition of the classical algorithms used for commo DL problems. This different implementation of classical DLP, drive us to a redefinition of Exponentiation, that we can call Sub-Exponentiation Time, if applied to the Resolution of Elliptical Curves. If we look at more general algorithms specifically builded for ECC, we have an Exponential Time. Sintetically, aspects of the same agorithm assumes different terms, if referred to the "EFFICACIA" which they have on DLP or ECDLP.

The beautiful story of ECC, begins in the 1984 thanks to Hendrik Lenstra, who coded a factorization algorithm based on the mathematical proprieties of Elliptic Curves, called Lenstra Elliptic Curve Factorization. The truly ECC borned in the 1985 by Neal Koblitz and Victor Miller taht reimplemented the already known algorithm upon algebrical structures as Elliptical Curve Math and Finite Fields.

Basical Math Background - Group Theory

I've decided to make an approsimatively complete discussion of ECC, so in this little chapter i've inserted some elements of Group Theory.

An Abelian Group (G,*) is a set G with assigned binary operation:

* = G x G -> G

that have the following proprieties:

• Associativity a * (b * c) = (a * b) c for all the a, b,c included in G
• Identity Element, exists an identity element e included in G that a * e = e * a = a for all the a included in G
• Existence of Inverses, For each a exists an element b called Inverse ofa, so a * b = b * a = e
• Commutativity, a * b = b * a

There are basicalli two groups, Additive (+) and Multiplicative (*). This distinction comes from the fact that a group is called additive when his identiti element a is 0, while the inverse is -a. Multiplicative groups are so called when the identiti element is 1, and it's inverse i a^(-1). Finally a group is called Finite when G is a finite set, in this case we have also an Order which pratically defines the number of elements of G.

For example, fixed a prime number p, we can easly build a finite group of order p, = {0,1,2,...,p-1}, obtained from a set of integers. For the precedent observations, we can assume two king of groups (, +) in other words an additive group of modulus p with identity element equal to 0, and also a group (*, *) where * denotes not-null elements from the set that we have considered and as you can see is a Multiplicative group of order p-1 and identity element 1.

At this point you may think, exist a group that contains both Additive and Multiplicative operations?..so we have only one mathematical object?..the reply is Yes!! (,+,*) called also Finite Fields, now you should know that we can define G as a Multiplicative Finite Group of order n and we can also introduce new elements typical of Finite Fields as the the g element, that the most little positive integer given from t and defined as:

g^t = 1

called Order of g, whose direct and most important consequence is to exist always and to be a divisor of n. Another truly important property of groups is the "chain effect", we can indeed define a set as:

<g> = {g^(i) : 0 <= i <= t - 1}

in other words the set of all powers of g, which (as you should have understanded) is by "it self" a group or better a SubGroup of G, and is called Cyclic SubGroup of G generated by g. For the nitation of Finite Field, all that we have said it's true also for G writted with Additive Rules, or more precisely the order of g is the most little positive divisor t in n, or better:

t * q = 0

and consequently:

<g> = { i * g : 0 <= i <= t - 1 }

In the Additive notation t*g assumes the sense of element obtained by adding t copies of g, we can also resume with only one definition: If G have a g element of order n, then G is a Cyclic Group and g will be called Generator of G.

Finite Fields Arithmetic

Finite Field Aithmetics is the foundamental basis of each system that uses Elliptical Curves, mainly in cryptography, the correct implementation of all algorithms over Finite Fields, is the dirst most important step to determine the efficiency and security of an ECC System.There are principally three king of finite fields:

• Prime Fields: formed by prime numbers.
• Binary Fields
• Optimal Extension of the Field

For each of these fields exists growing implementative difficulties in the sorted order that you can see, it's obvious that is alo necessary to implemend different algorithms for each kind of Field.

But all algorithms follows one common foundamental concept, the Execution of Aritmethic Operations, INTO and BETWEEN the fields, tecnically working as Mixer/Connector or as Single Operators.

The Fields, are abstractions or better SubSets called F of the various numerical systems that we know. Into fields are principally possible only two operations, Addition and Multiplication and they have exactly the same properties of the Groups.

In other hands the possible operations with Fields are four, indid we can add Subtraction and Division, as derived operation types the two principal. Subtraction is defined in additive terms as: a - b = a + (-b), while the Division is defined in terms of Multiplication, as a/b= a * b ^ (-1) as e b ^ (-1) inverse element, the element that respect the relation b * b ^ (-1)=1.

Finite Prime Fields: Are written as , where is a prime number > 3, defined also as the modulus of , for each integer a, (a MOD p) we will have a remainder r between 0 and p, the inverse operation, necessary to find r is called Modular Reduction.

Let's consider for example the field F29, his elements will be

F29={0,1,2,...,28}

So we can define 4 basical arithmetic operations

• 17+28 = 8 which corresponds to 37 MOD 29 = 8 (Addition)
• 17-20 = 26 which corresponds to -3 MOD 29 = 26 (Subtraction)
• 17 * 20 = 21 which corresponds to 340 MOD 29 = 21 (Multiplication)
• 17^ (-1) = 12 which corresponds to (17*12) MOD 29 = 1 (Inversion)

With this little example, we can see how basically works arithmetic fields operations and we can also put our attention to an important observation, the use of finite fields is the principal method to reduce computational complessity in terms of efficiency, ideed as you should have noticed the simple properties inside an addition (17 + 28 = 8 ) could have enormous "potentialities" if used in cryptography!

As you can see in this is the graph of a generical Asymmetric (the case of Elliptic Curve), and you should notice that given a good (long) key-lenght a computational inversion is too hard, but in the same time, x key-lenght is easly "workable" by normal computers (forward operation).

Binary Fields: Binary Fields are written as , and called also Finite Fields of Order 2, they could be cosiderated as a vectorial space m in F2 defined by the elements 0 - 1. From basical notions of Linear Algebra exists m elements a, that could be defined with a combination of linear independent vectors that originates the a base (m-1), we will consider this "special" Set as a BitString and over this we will define basical arithmetical operations, the Addition corresponds to the XOR between two BitStrings, Multiplication depends on the choised base. There are many Bases that could be used into , but the use for computational scopes is reducted because was discovered that some bases are less efficient that other. The choise could be done between Polynomial Basis and Normal Bases, we will works only with the Polynomial Representation. An irriducible polynome f(z) of degree m is choised, irriducible means that f(z) can't be factored as product of polynomes of degree < m. Here follows properties:

Let's consider a binary field F2^4, it's elements are 16 polynomes of max degree 3:

Possible operations are:

• (z^3+z^2+1) + (z^2+z+1) = z^3+z
• (z^3+z^2+1) - (z^2+z+1) = z^3+z (considr that in F2 (-1 = 1))
• (z^3+z^2+1) * (z^2+z+1) = z^2+1 so (z^3+z^2+1) * (z^2+z+1) = z^5 + z + 1 FOLLOWS (z^5 + z + 1) MOD (z^4+z+1) = z^2+1
• (z^3+z^2+1)^(-1) = z^2 ovvero (z^3+z^2+1) * z^2 MOD (z^4+z+1) = 1

The second member of MOD (z^4+z+1) corresponds to f(z)=z^4+z+1

Generalized Discrete Logarithm Problem

Let's now study the Discrete Logarothm, we will also see a pratical application of Group Theory. In each system based upon the DL we can found some Paremeters of Public Domain (p, g and q) were p is a common prime number, q a divisor (also this prime) of p-1, q have a range [1, p-1] and Order q, so we can say that t = q is thr most little value that verifies the following relation:

g ^t = 1 (mod p)

Now you should see this by other points of view :), indeed if we make some assumption we can redefine the entire encryption process of DL! suppose ideed that (G,*) is a cyclic multiplicative group of order n that have as generator g, we can "include" the entire algorithm DL into the same G!!. If we consider that Public Domain Parameters are g and n, automatically the private key is an integer x, randomly choised into the range [1,n-1] given by:

y= g^x

The problem to determine x, given g,n and y is defined as Discrete Logarithm Problem (DLP) in G, and a DL system based on G *should* be untractable but there are some conditions that make it's efficienci attackable. Every two Cyclic Groups of the same order n, these can be considerated operatively as the same groups, in better words, we have two idenyical boxes with a different (((contenuto))), as immediate effect we can represent the same object in different forms, as computational consequence we will obtain for each representation different efficienci curves (velocity), indipendently to be from DL or DLP.

What about DL and ECC?..easy we work always with Finite Fields, so researchers rewrited DL into ECC terms :)

What Elliptic Curves are

An Elliptic Curve is a plane curve given by: y^2 = x^3 + ax + b

The principal property (related to cryptographycal scopes) of this kind of curves is that the Set of the points of this curves formes an Abelian Group, which have as Identity element the Infinite. If curve's coordinates are estracted by a Finite Field sufficiently big, the set of their solutions will forms an Abelian Finite Group, you should also remember the DL could be considerated as a Set of Finite Cyclic Groups, and the jump to a group of points into an Elliptic Curve is short (if you have clear the previous assumptions) but with a foundamental difference the Incrased Complexity, that is the point of force of ECC.

This is is the plot of an Elliptic Curve obtained by y^2 = x^3 + ax + b:

Elliptic Curves in Cryptography

Basically the Elliptic Curve is only the mathematical architecture because its algebrical properties are used to define the elements of the Set from which is computed the Group. Consider a graph-plot obtained in the plain p x p, where p is as usual a prime number, obviously the Field that we obtain will go to 0 from p-1; so algorithmical operations will converge into thje points that respects the appartenence condition to . Elliptical Curves used in cryptography could be of two classes: the First: (with p > 3) and the Second with In the case of a generical appliation is used (called Extended Optimal Field) where q = p. Into elements are essentially integers derived from Modular Aithmetic operations. The applications are the most complex cause the number of possible rappresentations (the same efficiency concept of DL and DLP) as bitstring of each irreducible polynome f(z) of degree m.

The couple of affine coordinates (x,y) with generates an affine plane , from this specification we can directly obtain the definition of Elliptic Curve E:

An Elliptic Curve E, is the geometrical location of the points of the affine plane, which coordinates satisfies the equation (MOD p); which have as Point at Infinity O, in other words the point where the projective plains encounters the line at infinity. In the most simple case (p > 3) we will have that the is the already known y^2 = x^3 + ax + b, where a and b (((Appartengono) to . Let's to a little pratical exaple to clarify :)

Consider an Elliptic Curve in F7, you will have as defining equation: y^2 = x^3 + ax + b, so the pointsa will be:

E(F7) = {Infinity, (0,2), (0,5), (1,0), (2,3), (2,4), (3,3), (3,4), (6,1), (6,6) }

Now let's consider whose defining equation could be written as: y2 + xy = x3 + ax2 + b where a and b comes obviously from and are constants, with for O=(0,0) and in other cases O=(0,1); thanks the Hasse Theorem over elliptic curves, we can quantify the number of points into an elliptic curve by using the following relation: .

Elliptic Curve Arithmetic

All cryptographycal mechanism are based over the Elliptic Point Arithmetic, that is the foundamental, practical instrument used to attack/implement ECC. As previously said the points of an Elliptic Curve constitutes an abelian group that have as usual O as point defined at the Infinity, this point have the role of Additive Identity, taken two points we will have a Third Point defined as P+Q over obtaining as consequence

Points, as previously said said are the elements of an Abelian group, so we can define a set of operations defined in G that have O as identity element:

• P + Q = Q + P
• (P+Q) + R = P + (Q + R)
• P + O = O + P = P
• -P such as -P + P = P + (- P)= O

At the light of this properties, we can introduce two Foundamental Operations over ECs, this is a truly important part..so open your eyes ;)

Elliptic Curve Addition: We will use two approaches one Geometrical and one Algebric to better understand what is the real meaning of addition over EC. Exists a rule called of Cord and Tangent that allows us to sum two points of an elliptic curve defined as thanks to which we can obtain a Third Point:

P + Q = R

R is a point of the Elliptic Curve, we can also see (from the Table of Operations) that by defining the negative of P = (x,y), we will have - P = (x, - y) for and - P = (x,x + y) for , so we can define the following rules for the addition:

• if Q = O then P + Q = P
• if Q = - P then P + Q = O
• if then P + Q = R

For this last case we can distinguish between:

• Prime Fields : xR = l^2 - xP - xQ, yR = l(xP - xR) - yP where l =
• Binary Fields: xR = l^2 + l + xP + xQ + a, yR = l(xP + xR) + xR + yP where l =

You can se as algebrically we will obtain a Group with O identity Element..in other words an ECC!

Let's consider now the Geometrical Approach. Consider P and Q as two points of E, trace a line that passes from P and Q until intercepts the Elliptic Curve, obviously this will reveal a point that Reflected over the x axis will reveal our R(x3,y3)

This is only one of the possible Addition cases, now we will see the second case:

P - P Addiction: P + (-P) = O

The jointing P -P is a vertical line that obviously does not "generates" a third point R, so it's extension reach the infinity founding the point O, P + O = P

You will found further references over EC-Addition in the Reverse part

Duplication of P, 2P: Duplication can be writted as:

2P = P + P = R

From the geometrical point of view, this is equal to build the tangent to the curve into the point P, it's prosecution will reveal a point that reflected over x will give us R point:

Now come back to some analytical consideration:

• Prime Finite Field: xR = l^2 - 2xP, yR = l(xP - xR) - yP where l =
• Binary Field: xR = l^2 + l+ a, yR = xP^2 + (l + 1) x_R where l =

Duplication of P, if yP = 0: The tangent that passes from P is ALWAYS the vertical if the component yP = 0, consequently if we duplicate a point with this yP, we will obtain a tangent to the entire Elliptic Curve that obviously will never intercept R and only intercepting the point O at infinity:

2P = O

If we want to found 3P(always in the case of yP=0) the path is:

3P = 2P + P, where P + O = P

4P = O, where 2P + 2P = O + O = O

5P = P, where 4P + P = 4P + P = O + P

etc..

Pratical Elliptic Curves Operation Samples

With this last part, you reach a little basical reverser point of view of ECC :), let's see two pratical salmples of how works EC operations over :

Elliptic Curve Addition: let's consider the point P(4,7) e Q(13,11), P + Q = (X3,Y3) that will be determinated as follows:

X3 = ( (11 - 7) / (13 - 4) )^ 2 - 4 - 13 =

= 3^2 - 4 - 13 = -8 =

= 15 MOD 23

For y:

Y3 = 3(4-15) - 7 = -40 =

6 MOD 23

and finally R = (15,6)

Elliptic Curve Point Doubling: let's consider the same point P(4,7), 2P = (X3,Y3) that will be determinated as follows:

X3 = (check the Lambda for Point Doubling)

( (3*4^2 + 1) / (14))^2 - 8 =

=15^2 - 8 =

= 217 =

= 10 MOD 23

Y3 = 15(4 - 10) - 7 =

= -97 =

=18 MOD 23

Our R, will be R = (10, 18)

Obviously the 23 comes from the field that we choised, F23 ;)

.

Foundamental Features of EC, and pratical ECC generation

Order of the Group: Considering the curve , thanks to the Hasse Theorem over Elliptic Curves we can know the number of points of E included O, here the foundamental relation of Hasse:

Computationally, this is resumed into the Schoff algorithm known also as SEA (Schoof-Elkies-Atkin).

The knowledge of the number of points of E is foundamental for cryptography, in terms of implementability and of security, consider indeed a sum P+P+P+... sufficiently big, and remember that we're working on Finite Fields, easly we can reach the point O and this is NOT a good thing, because:

a*P = b*P for some a, b with b > a this demostrates the existence of c*P = O where c = b - a !!!

ECC Generation

This is not nothing more that the Order of the Group, that as you should have understanded CAN divide the order of the group itself! So it's truly important to generate an ECC with a precise order, and we can do this by using Schoof algorithm ( in the previous example obviously this algorithm is used indirectly ;)) or with more complex algorithms, as Complex Multiplication or the more immediate Theorem of Weil, instead if we're working on Hardware devices we can use the systems of Point Counting as AGM (Arithmetic Geometric Mean) and SST (Satoh-Skjernaa-Taguchi) that are the most performant ad spreaded especially over Binary Fields.

Other important conditions for a good ECC is the MOV Condition (Menezes Okamoto e Vanstone), without this you can fearly reduce the complexity in a logarithmic form! :)

MOV Condition: Suppose to have an ECC over GF(q) and a point fixed in F, firstly we check that the first T terms of the sequence (q, q^2, q^3...,q^T ) are different from 1 mod Prime_Order of F. T Usually is choised as

T = log2(q)/8

For the entire attack procedure, you can search on CACR website.

Remind also that a field of q elements should have an order different from q or we will have an Anomalous Elliptic Curve, and that's truly insecure!.

Elliptic Curves Cryptographic Applications

And now finally we reached the pratical and most intersing part, what could be the uses of our ECC:

• Use strictly crypographycal
• Integer Factorizzation
• Primality Proving

The foundamental assumpion of EC Cryptography is, how readapt a certain algorithm based over group theory with groups based EC Theory. Here some of the most common ECC Algorithms:

• ECDSA
• ECDH Elliptic Curve Diffie-Hellman
• ECMQV basato su MQV
• ECIES
• EC-KDSA

Basic ECC Architecture Considerations

Every implementation of EC applied on crypto algorithms have a basical architecture common to all algorithms, the foundamendal structure is the Domain Parameters procedure.

Domain Parameters: This structure defines the elliptic curve E in function of the Field a Basic Point G and the Order n of the field.

Usually is pointed out as : D = (q,FR, S,a,b, P,n,h)

• q the order of the Field choised
• FR (Field Representation) denotes the representation used for the elements of
• S (Seed) in the case the EC needs a PRNG
• a,b the two coefficients of the defining equation
• P org G is the Base Point or Generator (is a cyclic SubGroup), to be cryptographically usable the Order of G needs to be the lesser prime number not negative such that nG = O.
• n is the order n of the Base Point
• h is the Cofactor

Because 'h' is the order of , for the Lagrange Theorem , into cryptographycal operation the cofactor need to be eand usually is used h = 1.

The Domain Parameters are the most vulnerable elements of an ECC, and are the first parameters that an hypothetical attacker will go to check, it's important from the security point of view that Domain Parameter respects the prescriptions of NIST and SECG; the most classical attacks are the Pohlig-Hellman and Pollard’s rho, strictly dependent from the number of points of an elliptic curve.

Key Pairs: Are the keys used into ECC, and are strictly related to Domain Parameters, the Public Key is choised casually by selecting a point Q into the group <P> generated from the point P, while the Private Key d is exstracted from the following relation:

d = LOGp (G)

The elliptic curve discrete logarithm problem and ECC Attacks

The intractability of the DLP is of foundamental importance for the security of every ECC algorithm, we talked briefly about the fact that the problems connected to the DLP are the same for DLP over EC, which is called ECDLP, anc can be defined as:

Given a curve E defined over and a point of order n, and a point Q appartaining to <P>, we have to found the integer I included in the range [1,n-1] so that Q = l P. This integer i it's indeed the Discrete Logarithm of Q in base P denoted l = LOGp (Q).

So you understand how important is the choise of Domain Parameters, necessary to resist against all attacks based on ECDLP. The most known algorithm for ECDLP resolution is the Exhaustive Search, that computes the sequence of points P, 2P, 3P until Q is found, the principal disavantage of this algorithm is the low velocity, indeed the Running Time is approximately of n, so an n choised sufficiently big it's a good countermisure against this kind of attacks. Other important attacks are Pohlig-Hellman and Pollard’s rho that have an Exponential Running Time, precisely of O(Sqrt(p)), where p is a prime number sufficiently big, to be protected against this attacks is necessary to choise an n divisible for p, such as step-Sqrt(p) will be unusable cause the incrase of computational time.

The basical mechanism of Pollard's Rho it's easy, we have to follows random steps (better defined as Random Walk) until ax, ay, bx ,by are founded:

= ax*B + bx*A == ay*B + by*A

= ax*l*A + bx*A == ay*l*A + by*A

= (ax-ay)*l*A == (by-bx)*A

= (ax-ay)*l == (by-bx) mod NP

= l == (by-bx)*(ax-ay)^(-1) mod NP

(if you're confused with letters just refer to the last crackme analysed in this paper)

There are also other category of attacks, called Isomorphism Attacks that try to reduct ECDLP to DLP, most known are Weil and Tate Pairing Attacks, this kind of attacks can be used only in presence of Anomalous Prime Fields.

The Elliptic Curve Digital Signature Algorithm

The ECDSA is the corrispondend DSA over EC, i choised ECDSA because is the most diffused also in SW Protections, it's also the most standardized (ANSI X9.62, FIPS 186-2, IEEE 1363- 2000 e l' ISO/IEC 15946-2). Let's study the algorithm step by step:

A big regard to all UIC: Quequero, AndreaGeddon, LonelyWolf, Alfa62, ZaiRoN, LittleLuk, RET: Devine9, Black-eye, BigS, Aimless, Haldir, ^Daemon^ and last but not least my Cattina^_^) for all others not mentioned here..sorry :)

Noi reversiamo al solo scopo informativo e di miglioramento del linguaggio Assembly.

Capitoooooooo????? Bhè credo di si ;))))