01-20-2013
#36
Originally Posted by oPolo
Hi @FaxiY

To explain it very simply, when you hear about public/private keys from someone, they are talking about asymmetric encryption. (Although some people are IMHO retards and call the secret key in symmetric encryption the private key... makes it confusing as hell.)
Asymmetric encryption is where one key is used for encrypting and one is used for decrypting. The beauty of all this is that Sony can make one key rather public (the public key, which IIRC is stored in the PS3) and keep one key for themselves, the private key.
Every PS3 has the public key, so we can say the public key is relatively insecure, but only Sony has the corresponding private key for that public key. Thus, every firmware that is encrypted with the private key can be verified by the PlayStation 3 as being from Sony, as it can be decrypted (Sony in this sense "signs" the firmware) with the public key.
Even if we are in possession of the public key, we cannot encrypt (sign) the firmware as being from Sony, as we do not have the private key.
We cannot deduce the private key from the public key either, as probably without a doubt the most important characteristic of any asymmetric encryption is that it is computationally infeasible to deduce one key from the other.
This is where Sony went wrong with their encryption implementation fail that was discovered in FW 3.55, and corrected in all firmware revisions to be released afterwards....
They made the mistake that, instead of using a random number in the ECDSA asymmetric encryption algorithm, they had basically made a method that said:
int getRandomNumber() {
    return 4;
}
Or in layman's terms, instead of using a random number they always used the same number.
This removed the computationally infeasible aspect of the ECDSA algorithm, and allowed fail0verflow to deduce the private key from the public key in the PS3, which has allowed us to sign any CFW and have the PS3 accept it, up till firmware 3.55.
After firmware 3.55, they fixed the ECDSA implementation **** up, and revoked a new keypair and made a new one, which we are not able to deduce the private key from, should we obtain the public key.
Therefore, the private key is not stored in the PS3. Hope you understood it.
Ethos = Taking a computer security major ... Although, I don't really know any specifics about the ECDSA algorithm (and have never looked more than a few hours at the PS3's security), except that it is one of the promising algorithms for asymmetric cryptology in the future, instead of the current RSA algorithm that is widely accepted as THE asymmetric encryption algorithm right now. (I wrote this paragraph mainly to brag, actually. I don't give a damn if you decide to believe what I wrote or think it was all bull**** ._. Although it would hurt me ._.)
|
Hope this wasn't pointed at me :P Too long for me to read XD
__________________
Psp Dev, psp 3k semi unbrick solution