Decryption by Plaintext Attack

Technical discussion on the newly released and hard to find PS3.

Moderators: cheriff, emoon

StreetskaterFU
Posts: 10
Joined: Sun Dec 02, 2007 11:22 pm
Location: Germany

Decryption by Plaintext Attack

Post by StreetskaterFU »

Hi, I've thought of a full decryption of the semi-decrypted Warhawk files. I would try to start a plaintext attack; do you think it would work?

For the test I need the encrypted files, too. They are legal, so I would ask if someone can give me a download link?

thanks in advance

streetskaterfu
jimparis
Posts: 1145
Joined: Fri Jun 10, 2005 4:21 am
Location: Boston

Post by jimparis »

No, we do not discuss game hacking here.
StreetskaterFU
Posts: 10
Joined: Sun Dec 02, 2007 11:22 pm
Location: Germany

Post by StreetskaterFU »

It's not for game hacking, it's to understand the SELF files.
kururin
Posts: 36
Joined: Wed Jul 05, 2006 7:19 am

Post by kururin »

This won't work anyway; the encryption used in that file is no simple XOR algorithm. You need more than a bit of brute-forcing to get it to plaintext, even with half of it being decrypted.
d-range
Posts: 60
Joined: Fri Oct 26, 2007 8:22 pm

Post by d-range »

You cannot plaintext-attack public/private key-pair encryption systems like those used for the PS3 game code. Depending on the key size (probably 128 bit or more) it will take you somewhere between twenty thousand and 2 billion years before you hit the private key... On average... If you're using a supercomputer.... You have a better chance of finding the private key by dissecting the hardware itself, but even then you need insane tools to do it. So if I were you, I'd just give it up.
gotama
Posts: 7
Joined: Tue Nov 13, 2007 10:14 am

Post by gotama »

d-range wrote:You have a better chance of finding the private key by dissecting the hardware itself, but even then you need insane tools to do it.
Can you extend this, please?

I wonder why the movie BR keys were found, yet finding the HDD key is that hard.

What method did they use in order to find that key?
Ps3Rips
Posts: 25
Joined: Wed May 02, 2007 5:06 am

Post by Ps3Rips »

d-range is 100% right about needing to attack the hardware.

This is the old school way of opening up consoles to homebrew etc.
Of course Ps2Dev seem to prefer the way of finding holes in the machines logic.

The only problem with the hardware way is that generally it's associated with modchips, and that is associated with piracy.

It's really expensive, and just like the logic hacking, there are only a few people skilled enough to really know how to bypass the security.

Generally, and this is a gross understatement, you would need to:

Remove the top layer of a chip - there are many ways to do this but it usually means getting some acids or using a laser (remembering to try and keep the chip still operational).

Then you should end up with something like this
Image


Once you have that then using a very very powerful microscope you can look at the chip in greater detail and you should have something like this.
Image

And once there you can use some specialist tools like a Focused Ion Beam Workstation http://en.wikipedia.org/wiki/Focused_ion_beam
to look at patching the Nands and probing them for keys and other goodies.

Now, like I said at the start, all of that is way over-simplified and also a very costly thing to do. Plus you're going to need a nice number of PS3s to experiment on, plus as much technical documentation as you can get your hands on. The last bit, about the actual hardware design of the PS3, is not very widely known.

Yes, we all know about how many SPEs / NANDs etc., but I'm talking about mapping documents which explain how the chips are mapped internally.

Anyway you get my point.

Personally I think the Ps2Dev way is more elegant but I also look in awe whenever I see someone open up a chip and grab codes or even inject codes that they are not meant to have access to.

PS: None of those chips are from any consoles and it's not my work. I've just seen it done.
Kicking out a bad guy
Beating up a monster
Fighting against evil
I'll rescue this town
audi100quattro
Posts: 8
Joined: Sat Dec 01, 2007 3:32 am

Post by audi100quattro »

It's insane to even try to "attack hardware" by trying to look at it through a really powerful microscope. What're you going to do, take pictures of half a billion transistors and try to put it all together? Regardless, cryptographic keys aren't stored there, and you'd have better luck trying to decipher IBM's design by signing up to power.org or something. If you could magically do it, you'd pretty much be guaranteeing all hardware design would be done in an open-source way going forward.

Putting a digital oscilloscope to the buses in the ps3 during startup will get you further but considering nobody's even been able to do it to the iphone, it'll be a while before those oscilloscopes even get to most universities. That's assuming what's being sent over the buses isn't encrypted which could be asking too much.
Ps3Rips
Posts: 25
Joined: Wed May 02, 2007 5:06 am

Post by Ps3Rips »

I'm not talking about just looking down a microscope; that's only done so you can identify the differing parts that make up a chip or device.

Usual hardware attacks would be:

* Probing for Electrical glitches:
* Optical Erasure: (UV light)
* Optical glitches: These can sometimes give strange results.
* Bus attacks: Sitting on the databus (As mentioned by you). This method is effective but V hard.

This hardware hacking is the exact same way that Bunnie hacked the Xbox back in 2002 (I think he was the first?)

http://www.g4tv.com/screensavers/featur ... _key=10099

The point still being that hardware is usually quicker and faster at gaining access if you want to take a look at what secrets a machine is holding.
Unless of course there is an obvious software flaw. Which, knowing Sony, there isn't. (Obvious ones, that is.)
There are software flaws; I think I remember reading about a user here using a PS2 homebrew BIOS dumper to look at the PS2 BIOS updates in the firmware.
And also I'm sure that someone only last week mentioned a security flaw that they had notified Sony about almost a year ago that still lay unpatched. Plus you could guess many more that people are not talking about.

Anyway, I'm sure that this is a borderline discussion for this forum. So I'll leave my post there.
Kicking out a bad guy
Beating up a monster
Fighting against evil
I'll rescue this town
d-range
Posts: 60
Joined: Fri Oct 26, 2007 8:22 pm

Post by d-range »

gotama wrote:
d-range wrote:You have a better chance of finding the private key by dissecting the hardware itself, but even then you need insane tools to do it.
Can you extend this, please?

I wonder why the movie BR keys were found, yet finding the HDD key is that hard.

What method did they use in order to find that key?
They did a memory scan of a software decoder, which of course has the private key in it, otherwise it would not be able to decode the movie. By assuming certain properties of the key itself and the way it is accessed during playback, the (temporary and obfuscated) in-memory keys were found eventually. This was at least how it went with HD-DVD; I don't know how they hacked Blu-ray, but most likely the same way. Any decryption device/program needs to have the decryption key, either in hardware or in software, and that's where hackers look for it, not by doing brute-force attacks.
audi100quattro wrote:It's insane to even try to "attack hardware" by trying to look at it through a really powerful microscope. What're you going to do, take pictures of half a billion transistors and try to put it all together?
That's actually one way of doing it, and you'd be surprised how much you can get from that. Decryption logic for common algorithms (like RSA/DSA) has recurring regular patterns that look similar in any silicon implementation. By etching layers off the chip, taking pictures using an electron microscope, and then doing analysis on it, you can find the part of the chip that performs the decryption. From there you can look further to what parts of the chip might be related to it, e.g. where the key itself is stored. This is how smartcards are hacked, btw. Another example of hardware 'probing' is the 360 timing attack for kernel downgrading; that's a 100% hardware attack. robinsod, who figured this out, used nothing but assumptions about the CPU-key verification process, and by measuring how the hardware reacts to wrong inputs (measuring timings), the individual bits of the key can be recovered one by one. No decrypted software itself involved at all.
audi100quattro wrote:Regardless, cryptographic keys aren't stored there, and you'd have better luck trying to decipher IBM's design by signing up to power.org or something.
The decryption key needs to be stored *somewhere*, so if it is not anywhere in plain sight (i.e. in unencrypted software, where hackers would find it in no time), it has to be embedded into ICs. For example by blowing e-fuses in the chip after production, leaving a pattern that codes for the private key. As long as the chip has no external interface to read out the e-fuse state, the key is pretty safe inside the chip. Presumably this is how the PS3 keeps its secrets, and at least the 360 is protected like this. Anyway, you might not even *need* to get the decryption key to hack a console like the PS3. If you hit a software exploit in some part of the system that allows access to unencrypted RAM, you already have your decrypted source without having the key. AFAIK no one ever got the keys that are used to encrypt XBOX1 binaries, and still you can consider it 'fully hacked'. I might be wrong on that one, btw; the keys might have been leaked or recovered from the XDK or something. At least I've never seen an XBOX-1 binary decryptor (for any binary other than the BIOS ROM, that is), so that's what I base my assumption on.
audi100quattro wrote:Putting a digital oscilloscope to the buses in the ps3 during startup will get you further but considering nobody's even been able to do it to the iphone, it'll be a while before those oscilloscopes even get to most universities. That's assuming what's being sent over the buses isn't encrypted which could be asking too much.
The problem is that the equipment required to probe machines like the PS3 or 360 is so expensive and domain-specific that almost no one has it or knows how to use it. Also, there is not really that much of a commercial incentive to spend millions of dollars on console hacking + equipment, so that's why these things take very long. With smartcards it's a whole different story, because you can make a lot of money hacking these. That's why they get hacked so soon. Anyway, I'm pretty convinced that given enough time, money and equipment, hardware encryption of *any* device is possible.
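The timing attack d-range describes works because the verifier's observable behaviour depends on how far the check got before it failed. The Python below is an added example, not code from this thread or from any console's firmware: it instruments a naive early-exit comparison and a constant-time one, counting byte comparisons in place of measuring wall-clock time, so the leak and the standard mitigation (always examine every byte; use `hmac.compare_digest` in real code) can be seen deterministically. The 8-byte secret and the helper names are constructed for the demo.

```python
"""
Added example (not from the thread): a secret comparison that stops at the
first mismatching byte leaks how long the correct prefix was; a constant-time
comparison does not.  Instead of timing (noisy, hardware dependent) we count
byte comparisons, which is what a timing side-channel observes indirectly.
"""
import hmac


def early_exit_compare(expected: bytes, candidate: bytes) -> tuple[bool, int]:
    """Naive comparison: returns (match, bytes_examined).

    It rejects as soon as one byte differs, so bytes_examined reveals the
    length of the longest correct prefix of `candidate`.  This is the
    weak pattern, shown for contrast.
    """
    if len(expected) != len(candidate):
        return False, 0
    examined = 0
    for a, b in zip(expected, candidate):
        examined += 1
        if a != b:
            return False, examined
    return True, examined


def constant_time_compare(expected: bytes, candidate: bytes) -> tuple[bool, int]:
    """Constant-time comparison: always examines every byte, so the count is
    independent of where (or whether) a mismatch occurs.  The loop shows what
    hmac.compare_digest does; the stdlib routine is what real code should call.
    """
    if len(expected) != len(candidate):
        return False, 0
    diff = 0
    examined = 0
    for a, b in zip(expected, candidate):
        examined += 1
        diff |= a ^ b          # OR-fold differences, never branch on them
    # Cross-check against the stdlib routine (same constant-time fold).
    assert (diff == 0) == hmac.compare_digest(expected, candidate)
    return diff == 0, examined


def leak_profile(compare, expected: bytes) -> list[int]:
    """For each prefix length k, submit a candidate whose first k bytes are
    correct and whose remaining bytes are all wrong, and record how much work
    the comparison did.  A leaking compare yields a rising sequence; a
    constant-time compare yields a flat one.
    """
    profile = []
    for k in range(len(expected) + 1):
        wrong_tail = bytes((b ^ 0xFF) for b in expected[k:])  # every tail byte differs
        candidate = expected[:k] + wrong_tail
        _, examined = compare(expected, candidate)
        profile.append(examined)
    return profile


# Constructed 8-byte secret for the demo; real code would load it from a key store.
DEMO_SECRET = bytes.fromhex("0f1e2d3c4b5a6978")

if __name__ == "__main__":
    print("early-exit   :", leak_profile(early_exit_compare, DEMO_SECRET))
    print("constant-time:", leak_profile(constant_time_compare, DEMO_SECRET))
```

Running it prints a rising profile for the early-exit compare (one more byte examined per correct prefix byte) and a flat profile of all 8s for the constant-time compare; the flat profile is the property a verifier needs so that wrong inputs give an observer nothing to measure.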
ralferoo
Posts: 122
Joined: Sat Mar 03, 2007 9:14 am
Contact:

Post by ralferoo »

d-range wrote:Presumably this is how the PS3 keeps its secrets, and at least the 360 is protected like this. Anyway, you might not even *need* to get the decryption key to hack a console like the PS3. If you hit a software exploit in some part of the system that allows access to unencrypted RAM, you already have your decrypted source without having the key.
Our best guess is that the reserved SPU is running in isolated mode, as described in the IBM technical documentation and is designed for just this purpose. Each CPU has a unique decryption key, and isolated mode allows an SPU to be fed encrypted data that can only be unencrypted and executed by that CPU. At no point does this data ever exist in an unencrypted form on any processor bus. The SPU can also protect its memory from the PPU and other SPUs so it's not possible to DMA the program out.
d-range
Posts: 60
Joined: Fri Oct 26, 2007 8:22 pm

Post by d-range »

ralferoo wrote:Our best guess is that the reserved SPU is running in isolated mode, as described in the IBM technical documentation and is designed for just this purpose. Each CPU has a unique decryption key, and isolated mode allows an SPU to be fed encrypted data that can only be unencrypted and executed by that CPU. At no point does this data ever exist in an unencrypted form on any processor bus. The SPU can also protect its memory from the PPU and other SPUs so it's not possible to DMA the program out.
Interesting. I don't know much about PS3 security, but it indeed seems likely no unencrypted data is bussed or kept in RAM. Do you know if this is also true for game code (i.e. PPU and the other 6 'normal' SPEs)?

My guess is no one will ever really break PS3 security. Only drive firmware hacks to allow 'backups' and other illegal material to run, maybe. No unsigned code like on the XBOX1 and <=4548 fw XBOX360s. It's just not really necessary since we have PS3 Linux, and Sony can probably plug any hole by fw updates anyway. It's probably a better idea to stay nice with Sony, not mess with the hardware and the firmware, and kindly keep asking them to open up the RSX a little. That's all that's required for really great homebrew on the PS3.
stinkymonkey
Posts: 6
Joined: Thu Jan 03, 2008 8:07 pm

Post by stinkymonkey »

incorrect...
just ring sony for the keys brooo!!
Yo my ps3 is blacker then you!!!
jonwil
Posts: 18
Joined: Mon Nov 12, 2007 8:57 pm

Post by jonwil »

I think if Sony and NVIDIA provided a binary blob for the PS3 GPU (same sort of thing as what you get for PC NVIDIA GPUs), most of the reasons for needing to hack the PS3 go away and the only reason to even consider hacking GameOS, game data files, executables or anything else outside of OtherOS would be to pirate PS3 games.
DONGLECRACKER
Posts: 1
Joined: Tue Nov 20, 2007 2:56 am

Post by DONGLECRACKER »

has any progress been made decrypting the warhawk file?
mc
Posts: 211
Joined: Wed Jan 12, 2005 7:32 am
Location: Linköping

Post by mc »

jonwil: Not quite. There are a few other applications of a hacked GameOS:

* To get around region protection for PS1 and PS2 games, and BD titles.
* Importing PS1 and PS2 saves from other emulation systems (this can also be achieved by cracking the signature on PSV files).
* Translation patches and similar for legally owned games.

But as far as PS3 Development (the topic of this forum) is concerned, you
are basically correct.
Flying at a high speed
Having the courage
Getting over crisis
I rescue the people
emoon
Posts: 91
Joined: Sun Jan 18, 2004 10:03 pm
Location: Stockholm, Sweden
Contact:

Post by emoon »

I'm not really sure if this leads anywhere...
And what is the purpose of understanding the self files? We can already run regular elf files under OtherOS.
Rex_VF5
Posts: 44
Joined: Wed Dec 26, 2007 6:24 am

Post by Rex_VF5 »

audi100quattro wrote:Putting a digital oscilloscope to the buses in the ps3 during startup will get you further but considering nobody's even been able to do it to the iphone, it'll be a while before those oscilloscopes even get to most universities. That's assuming what's being sent over the buses isn't encrypted which could be asking too much.
I wouldn't agree. Have a look how original Xbox was hacked by Andrew Bunnie Huang ;-) That being said - Microsoft (and Sony probably too) has learned from previous mistakes and tried to block this route...
audi100quattro
Posts: 8
Joined: Sat Dec 01, 2007 3:32 am

Post by audi100quattro »

The reason I said "Putting a digital oscilloscope to the buses in the ps3 during startup will get you further.." was because I knew about the xbox hack. :) Stupid encryption.

Trying to understand what ralferoo said, the SPU would still have to be initialized by software to go into the isolated mode, unless it was hardwired to do so, or maybe a combination of the two methods. Can a linux program put an SPU into isolated mode? IBM likely has enough docs out in the open to do this, if more than one SPU can be run in isolated mode at the same time. I just haven't gotten that far, as you can tell..

If having an HD partition (with random data written across it during creation) with keys hidden in the partition (at a pseudo-random location, and moved during startup/shutdown) or in LinuxBIOS or in your head is considered good enough security for Linux [swap] partitions, it could be good enough for the PS3 too.
emoon
Posts: 91
Joined: Sun Jan 18, 2004 10:03 pm
Location: Stockholm, Sweden
Contact:

Post by emoon »

I have now locked this thread, as this forum is "PS3 Development" and not "PS3 Hacking". No more talk about stuff like this in the forum, please.