i have a question about firmware keys?

**happyman** · 10-04-2011,12:32 PM

hi to all, my question is everybody is looking for the 3.72 keys to make cfw, does the game makers will have the keys am i right?
if so could we find the keys from the games it self and compare it to the firmware we are in and will have the same keys in firmware and the game?

is just a question maybe i am wrong but it just got into my mind that we may have the same keys on both games and firmware.

**Bayron** · 10-04-2011,01:12 PM

I'm pretty sure it has something to do with public/private keys.

LIKE SOMEONE HAS 2 KEYS:
PUBLIC KEY -> USED FOR ENCRYPTION
PRIVATE KEY -> USED FOR DECRYPTION (PUBLIC KEY IS CALCULATED FROM PRIVATE KEY BUT YOU CAN'T CALCULATE PRIVATE KEY FROM PUBLIC KEY)

So this person gives out the public key to you. Then you encrypt data with the public key and the other person is the only one who can decrypt it with his private key.

It has something to do with this I suppose. It's not because you can get public keys to encrypt games that you also have the key to decrypt stuff.

The only thing I don't understand is why you wouldn't be able to install homebrew on 3.72 by putting your PC as the middle man between your router and your PS3 (Using ARP POISONING for example) and when the PS3 tries to download a PKG file from the PSN replace it with a homebrew PKG?

**hollandje** · 10-04-2011,01:18 PM

we cant install homebrew with arp poisoning because all the .PKG you download has a key made by sony we don't even have that key so it wont be possibel to fast swap it or something releated

**buggerlugz** · 10-04-2011,03:51 PM

What if someone develops a program to extract the consoles master key? Surely we can then exploit the chain-of-trust?????

**Mathematician** · 10-04-2011,05:46 PM

Originally Posted by Bayron

I'm pretty sure it has something to do with public/private keys.

LIKE SOMEONE HAS 2 KEYS:
PUBLIC KEY -> USED FOR ENCRYPTION
PRIVATE KEY -> USED FOR DECRYPTION (PUBLIC KEY IS CALCULATED FROM PRIVATE KEY BUT YOU CAN'T CALCULATE PRIVATE KEY FROM PUBLIC KEY)

So this person gives out the public key to you. Then you encrypt data with the public key and the other person is the only one who can decrypt it with his private key.

It has something to do with this I suppose. It's not because you can get public keys to encrypt games that you also have the key to decrypt stuff.

The only thing I don't understand is why you wouldn't be able to install homebrew on 3.72 by putting your PC as the middle man between your router and your PS3 (Using ARP POISONING for example) and when the PS3 tries to download a PKG file from the PSN replace it with a homebrew PKG?

It's actually a bit backwards; the public key is the one that does the decryption and private keys are the ones that does the encryption. The private keys, are well, private and pretty much are no where to be found in the playstation. It would be possible to calculate the private keys if you knew all the unknown variables in the encryption process + algorithms but the random number they throw in there prevents this being done.

When you download firmware updates, you are also receiving not only the new libraries but the new set of public keys used to do the decryption.

**urbncowboy** · 10-11-2011,04:57 PM

if i'm reading this right we have the public keys for 3.6x or 3.7x firmware just not the private one's am i correct???

**Bartholomy** · 10-11-2011,05:29 PM

Culturally interesting, this thread. What's the point?

**NuclearAqua** · 10-12-2011,03:26 PM

Originally Posted by urbncowboy

if i'm reading this right we have the public keys for 3.6x or 3.7x firmware just not the private one's am i correct???

No. We have public and private keys of <3.55 firmwares, public keys of 3.56 and no keys whatsoever from 3.60 onwards. Since 3.56 the private keys are impossible to obtain without a leak from Sony itself.

**andsnake** · 10-12-2011,06:13 PM

interesting thread

May i oppose a question ?
It may sound a litle "noobish" though. LEts ASSUME that someone leaks out a 3.60 SDK. (i will base this on assumptions) . would it be possible to just sign or create a backup manager( for example like multiman which is signed witj 3.55 if i am not wrong ) which will be signed to work with 3.60 , an just run in normally on 3.60+ OFW? ( with all of is abilities, like creating and playing backups of games), without the need of a dongle or a CFW ? Or do all these homebrew applications require special hardware/software-wise mods in order to work ?

**Bartholomy** · 10-12-2011,06:23 PM

Originally Posted by andsnake

interesting thread

May i oppose a question ?
It may sound a litle "noobish" though. LEts ASSUME that someone leaks out a 3.60 SDK. (i will base this on assumptions) . would it be possible to just sign or create a backup manager( for example like multiman which is signed witj 3.55 if i am not wrong ) which will be signed to work with 3.60 , an just run in normally on 3.60+ OFW? ( with all of is abilities, like creating and playing backups of games), without the need of a dongle or a CFW ? Or do all these homebrew applications require special hardware/software-wise mods in order to work ?

With 3.60, peek poke was gone

No managers, at best sign a pkg

User Tag List

Thread: i have a question about firmware keys?

Tweet

LinkBack

Thread Tools

Display


	Would you like to get all the new info from PSX-Scene in your email each day? Subscribe to our Daily Digest! Want to learn more about the team keeping you up to date with the latest scene news? Read about them now! Check out our Developer bios, too!