Forum: General Jailbreak Discussion - The General Jailbreak Discussion forum is your place to discuss everything related to the PS3 jailbreak. You can discuss QA Flags, CFW, kmeaw or find information about many general jailbreak methods.


Thread: COULD OBTAINING THE PRIVATE KEY BE THIS EASY? public key\reference point = private key?!?
  

Results 1 to 10 of 13
  1. #1
    junkie2100 (Member)
    If my understanding of the articles I've found is correct, Qa is equal to dA multiplied by G.
    to quote kakaroto
    "So first of all, you will have a private and a public key.. the private key is a random number (of 20 bytes) that is generated, and the public key is a point on the curve generated from the point multiplication of G with the private key. We set ‘dA‘ as the private key (random number) and ‘Qa‘ as the public key (a point), so we have : Qa = dA * G (where G is the point of reference in the curve parameters)."


    Solve for G:
    it is a base point of prime order on the curve
    and is stored in the PS3's firmware.

    Solve for Qa:
    it is the public key,
    which we already know.

    Divide Qa by G to get the private key.
    I don't see how it could be that easy, but if that really is the way ECDSA works then everything is already there, we just have to do some LONG division lol.
    Please inform me if I'm wrong, but I've found multiple citations of that equation and by my understanding we now have everything we need to reverse it.

  2. #2
    Goku1992
    You have to really know the "importance" of what a private key is and what it does and what it prevents. The PS3 "could have been unhackable" if Sony had used the private key in the 1st place.

    The importance of the private key is to prevent piracy. The public key can be found only through the help of the lv0 key. Thing is, you can't get the lv0 key unless you had the private key in the first place. With the private key you get the public key. The private key is a master key. The reason why 3.55 was found was because geohot found the private key. "Sony changed keys ever since 3.41." But the key was never a random key.

    So with that being said, if the key was intended like how Sony had intended it to be, the PS3 scene would have been stopped dead in their tracks since 3.41. Just like how it's stopped dead in their tracks with 3.55.

    The reality of the situation is that the scene only lasted externally for 5 months because Sony fixed the major problem. The scene only expanded/benefited internal users (people with 3.55 or below) because that's where the progression continued.

    The private keys give you access to everything on the ps3 to the point you can run whatever pirated game/blu ray you want. Public key gets generated by the firmware. Private key gives you access to everything. It is a random key.


    So obtaining the private key will be remotely impossible.

  3. #3
    junkie2100 (Member)
    So what you're saying is, both Kakaroto and Wikipedia are wrong about how the public key is derived?

  4. #4
    Goku1992
    What I am saying is based off memory and the truth. You need the private key to get the public keys. I have been following the scene since it first started. So I will tell you this much.

    In a retail PS3 the public keys are there, but you need the private key to even get access to anything else. I never really read what Kakaroto had to say or even googled the subject, but what I do know is that the private key was needed to get CFW and make this work/run.

    There are a lot of keys out there, but the private key is meant for external users. That key gives you everything the public keys come with, the lv0 keys and etc., etc., but you don't get that out of nowhere.

    lv0/public depends/relies on the current private key, which is why those keys alone can't work on any PS3 because of the revisions of the private key. It's a complicated subject that isn't worth getting into.

    Kakaroto said it himself that anything over 3.60 would be impossible because of that revision. You need the current private key to even do anything, because for 3.55 that is not a random key, it is a key that was found by Geohot/fail0verflow. Without that key in the first place 3.50 CFW would have never been found.

  5. #5
    Mathematician (Member)
    Quote Originally Posted by Goku1992 View Post
    What I am saying is based off memory and the truth. You need the private key to get the public keys.
    Wrong

    Quote Originally Posted by Goku1992 View Post
    It's a complicated subject that isn't worth getting into.
    I really hope you do not go into it, because I have no idea where you got any of your information... nearly all of it is incorrect.

  6. #6
    Goku1992
    @Mathematician

    The subject alone is not worth getting into. We know that the revisions that Sony made can't be compromised, so let's just leave it at that.

    /Thread

  7. #7
    junkie2100 (Member)
    If one more person who doesn't know the formula for creating ECDSA keys tells me I am wrong, imma snap. I know how the keys are used, that was never the question, and I fail to see a point in explaining the implementation to a guy who is trying to discuss the inner workings of the protocol. This discussion is about the method in which the keys are generated and how that can be used with the information we already have to reverse the process.
    They used to persecute people for saying the earth revolved around the sun, but look who turned out right. Don't tell me it can't be done just because you read it somewhere.
    And thank you, Mathematician, for setting him straight. I know you don't necessarily support my theory, but you aren't gonna sit there and fight for something that you don't know the facts behind just because people told you to.
    If anyone who understands the encryption could rebuild the curve using the given parameters and reverse the point multiplication just to try it, that would be great, or at least explain why it won't work from a technical standpoint rather than giving me some tired old Bobby Boucher sounding excuse kuz momma says it can't be done.

  8. #8
    Mathematician (Member)
    Quote Originally Posted by Goku1992 View Post
    @Mathematician

    The subject alone is not worth getting into. We know that the revisions that Sony made cant be compromised so lets just leave it at that.

    /Thread
    There once was another member on PSX-Scene who completely misunderstood something. He created a topic stating that CFW above 3.56 was impossible. With him riding on his high horse, his thread got stickied.

    I told him he was wrong and he regurgitated the crap he thought was right. I broke down how possible it was and he kept spewing the same crap over and over (because he didn't know what he was talking about).

    Lo and behold, I'm on CFW 4.21.

    ---

    And I'm telling you, we do not need the private keys to find the public keys. We have all of the public keys past 3.56 with none of the private keys past 3.56. You need to google and read more on the subject and what the actual difference between private keys and public keys is. Not only that, but then question why you would need the private keys in the first place by googling the ldr exploits that were used to find the public keys.

    The subject alone is not worth getting into because nearly all your premises are wrong. The only thing I found correct was that 3.5 custom firmware would not be possible without the private keys, but you have not the slightest clue why; it was only a fluke that you got that right.

    junkie, the reason why the algorithm is uncrackable now is because we have more unknowns than equations, guaranteed by the random number generator. However, the random number generator may not be so random. As in 3.55 and below firmwares, it returned the same value, letting them generate two independent equations involving the same random number generated. Mathematically, this lets you find the private key (given you have the public key) and also the random number that was generated. The private key is not randomly generated, but the random number generator confounds the private key, so it's not like you can look at some dump and find it.

    If we had the public key and private key for one firmware above 3.56, a good enough statistician can possibly model the random number generator and with enough iterations get a 99% prediction interval of the next random number. If our prediction interval has a 99% rate of capturing the next random number generated, then in combination with the public keys, we can drastically reduce the time to brute force the private key. However, Sony no doubt tried making the random number generator as pseudo-random as possible and it would take quite a while to build a good model. However, given the limitations of computers, the PS3 does have some dependent factor it uses to generate its random number.

    This goes back to Fourier/spectral analysis, which is above most of everyone who will read this, but any signal process can be represented as an infinite sum of cosines and sines. With the assumption (a very good assumption) that the random number generator is dependent on something that can be classified as a signal, it's theoretically possible to model the random number generator to some degree. If we can get over a million observations of random numbers by modifying some independent variables, it's theoretically possible to model the random number generator to some good precision.
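The two technical points argued in this thread, post #1's Qa = dA * G and Mathematician's point that a repeated random number (the signing nonce) in 3.55-era signatures gives two equations in the same unknowns, worked through on a toy curve. This is an added example, not code from the thread or from any PS3 tool. The curve y^2 = x^3 + 2x + 2 over GF(17) with base point G = (5, 1) of order 19, the private key 7, the hash values 4 and 11 and the nonce 3 are all constructed for illustration. It shows that "dividing" Qa by G has no shortcut (the only generic method is trying every scalar, which is why a 160-bit group order is out of reach), and that the real failure is nonce reuse, which a signer avoids by drawing a fresh random nonce per signature or deriving it deterministically from the key and message (RFC 6979).

```python
"""Toy-curve walk-through of ECDSA key derivation, discrete log and
nonce reuse (constructed example, not PS3 code). Curve and base point
are the textbook y^2 = x^3 + 2x + 2 over GF(17), G = (5, 1), order 19."""

P = 17          # field prime (constructed toy value)
A, B = 2, 2     # curve coefficients
G = (5, 1)      # base point of prime order N
N = 19          # order of G


def inv(x, m):
    """Modular inverse of x mod m (Python 3.8+ pow with exponent -1)."""
    return pow(x, -1, m)


def ec_add(p1, p2):
    """Affine point addition; None stands for the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                      # p1 == -p2
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * inv(2 * y1, P) % P
    else:
        lam = (y2 - y1) * inv(x2 - x1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication: k * pt."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def solve_dlog(Q):
    """The only generic way to 'divide' Q by G: try every scalar d.
    Cost grows with N; for a 160-bit order that is about 2^160 trials."""
    for d in range(1, N):
        if ec_mul(d, G) == Q:
            return d
    return None


def sign(d, h, k):
    """ECDSA over the toy curve; h is the message hash already reduced mod N.
    A real signer must pick k fresh and uniformly at random (or per RFC 6979)."""
    r = ec_mul(k, G)[0] % N
    s = inv(k, N) * (h + r * d) % N
    assert r and s, "degenerate nonce, retry with a new k"
    return r, s


def verify(Q, h, sig):
    """Standard ECDSA verification against public key Q."""
    r, s = sig
    w = inv(s, N)
    X = ec_add(ec_mul(h * w % N, G), ec_mul(r * w % N, Q))
    return X is not None and X[0] % N == r


def recover_from_reused_nonce(h1, sig1, h2, sig2):
    """Two signatures made with the same k share r. Subtracting the two
    signing equations cancels d, giving k; substituting back gives d."""
    (r, s1), (_, s2) = sig1, sig2
    k = (h1 - h2) * inv(s1 - s2, N) % N
    d = (s1 * k - h1) * inv(r, N) % N
    return k, d


if __name__ == "__main__":
    d = 7                                # constructed private key dA
    Q = ec_mul(d, G)                     # Qa = dA * G
    print("Qa =", Q, "; brute-force dlog recovers d =", solve_dlog(Q))
    h1, h2, k = 4, 11, 3                 # constructed hashes, reused nonce
    s1, s2 = sign(d, h1, k), sign(d, h2, k)
    print("both signatures valid:", verify(Q, h1, s1) and verify(Q, h2, s2))
    print("same r in both (the tell-tale of nonce reuse):", s1[0] == s2[0])
    print("recovered (k, d):", recover_from_reused_nonce(h1, s1, h2, s2))
```

Two signatures sharing an `r` value under the same public key is the observable symptom of nonce reuse; a verifier or auditor can detect it by indexing signatures by `(Q, r)` without knowing any private key, which is the check worth running over a signature corpus.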

  9. #9
    Raikalo (Member)
    This is a worthwhile read. Well said.


    Quote Originally Posted by Mathematician View Post
    (post #8 above, quoted in full)


    The problem is, we don't HAVE a private key above 3.55. We have all the public keys and, barring obfuscation, we can decrypt anything in the PS3 system with the information that we currently have. However, since the private keys aren't stored in the system, and Sony won't exactly just hand them to us, we don't have a starting reference point. If we knew where to start, then we could pull some mathematical whirlwind and (potentially) significantly reduce the brute-force time, as you said. The problem lies with the fact that we don't know where to start.

    That being said, there is no computer in the world with a truly "random" number generator. An example: there is a Game Boy Advance game I've played where you can gamble by rolling dice and receiving coins as a result of the roll. Most people would never realize that rolling the dice in certain locations, or after a certain amount of time has passed, would change the dice roll into a predictable pattern, thus removing the randomization. It's all about appearances.

    @junkie -- In its current form, doing anything with the ECDSA is pretty much useless. What you said is true, we shouldn't stop trying because someone said it's impossible, but we still have to understand the amount of information that we have available to us. We lack current private keys. We have public keys, lv0, bootldr, blah blah blah, but unless we know where the algorithm starts the process we aren't going to gain any ground. This isn't an insurmountable task, in the general sense, but we all need to remember that ECDSA has been implemented in low-level internet security simply because it is ABSURDLY complicated, almost to the point that no one person or one computer could calculate its signature.

  10. #10
    mad mike 96 (Member)
    Wow, this thread is a big laugh. The private keys are extremely difficult to obtain, but that doesn't mean they are impossible to calculate. Given enough decrypted signatures one could very easily reduce the range to check through significantly. The likelihood of someone pulling it off is pretty slim, but again far from impossible. Man flying without any assistance from a machine or animal, that's impossible because it simply can't be done. Calculating the private key.... not impossible. Just not at all simple.
