[Question] - PS4 CFW Rebug & key LV0

Is this public key located on the PS3 NOR?
There are many ECDSA public keys used by the system. I dunno which one you mean. Many public keys are found in encrypted form inside an encrypted loader located in NOR/NAND.
Note that it is also possible to calculate an ECDSA private key without the public key if you have access to a couple of decrypted signatures.
 
How do you know if the public key is correct?
I won't get into the math and the equations; instead, think of it in a practical way.
If a public key is correct, it can be used to successfully decrypt any file encrypted with its corresponding private key.
Say you have the public ECDSA key to decrypt a self file and an encrypted self: you can decrypt the self using a tool like scetool with the public key. If the public key is good, the decryption will succeed and produce a correctly formed executable, i.e. an ELF file.
 
hm...

Why don't we set up a network of proxies to do a mass brute force to find those keys?
I know it's not easy to set up at all.

Users can help: someone who has computers and laptops lying around can set them up as brute-force machines!

We can make a bridged VPN network and give the PS3 hackers access to them!
I know it sounds a bit crazy, and for some it's a no-go to give a hacker access to their computer, but when it helps to find that private key, it's epic when it works!!!!!!
 
Because it is not legal and there is not enough processing power. You cannot brute force it on current hardware, even if you infected hundreds of thousands of personal computers to work on one file.

BTW: You don't need to give anyone access to your PS3. It is enough to work on an encrypted file extracted from the console, for which you want to find a private key.
 
That means it is possible to obtain the private key per console (PS3), sign the modified self files, pack them all into a PUP file and install them on this console like an OFW??
 
What do you think about flat_z SAMU key?
https://twitter.com/flat_z/status/870009921932275712
 
Per-console keys used by the PS3 are static and don't sign anything in the firmware update package, AFAIK.
And BTW: signing and encryption do not have the same meaning. Many people also confuse encoding with encryption, and those are also two different operations.

But I understand what you have in mind. So yes, it is possible to find any static/"dynamic" keys which use static seeds and are not salted, only by brute-force attack. The problem is, there is not enough power on the entire planet Earth to do it in a reasonable time in the year 2018. ;) Eventually there may be some mathematical vulnerabilities in the algorithms which are currently publicly unknown to science, and which could make it possible to calculate them by a currently unknown method.

- - -

@samet2012 I have zero knowledge of the PS4, so I don't even know what SAMU does. Also, I have only basic knowledge of NES, PSX, PS2, PS3 and Xbox.
 
PS4 Processor SAMU = Secure Asset Management Unit.
 