Can someone explain PS3 keys and security?
01-03-2011,11:23 PM
Can someone explain all these different keys and security on PS3?
What is the first piece of code that runs when the PS3 starts up and what is the boot process for the PS3? (and how do these different loaders and keys fit into it?)
Is it true that we can sign a game binary and burn it to a BD-R and it will boot on an unmodified retail PS3 (even one running the latest firmware) and that Sony can't stop this without stopping legitimate retail PS3 games from working?
Which key(s) are involved in this?
What about custom firmware? (i.e. making our own firmware update that the PS3 will accept as legitimate?)
Which key(s) are involved in this?
-
01-04-2011,03:36 AM

Originally Posted by
fresh
+1
-
01-04-2011,07:08 AM

Originally Posted by
jonwil
Can someone explain all these different keys and security on PS3?
What is the first piece of code that runs when the PS3 starts up and what is the boot process for the PS3? (and how do these different loaders and keys fit into it?)
Is it true that we can sign a game binary and burn it to a BD-R and it will boot on an unmodified retail PS3 (even one running the latest firmware) and that Sony can't stop this without stopping legitimate retail PS3 games from working?
Which key(s) are involved in this?
What about custom firmware? (i.e. making our own firmware update that the PS3 will accept as legitimate?)
Which key(s) are involved in this?
boot0 (located on-die) loads lv0 and metldr, both located on NAND/NOR.
metldr loads these modules: lv1ldr (decrypts lv1), lv2ldr (decrypts lv2), isoldr (decrypts isoself), appldr (decrypts apps/games).
So now, we can decrypt/encrypt and sign everything that metldr decrypts.
-
01-04-2011,07:42 AM
Check out the fail0verflow PS3 "Epic Fail" video; it's on YouTube and other sites. Part of it explains the boot process in great detail, including where the parts are stored and what executes them. It also details what Sony can or cannot update and/or revoke, where in this chain we can currently break in, and what Sony can or cannot do about it.
The chain-of-trust-breaking part is yet to be released, AFAIK, as whole code for general consumption, but the team have made their Git live and stuff will become available to developers soon. You won't need to deal with all that side of things, I doubt, but there is a lot of good stuff to learn.
It also details the keys used for the SELF and other things, which will help you.
With this info the rest should fall into place fairly well.
-
01-04-2011,09:09 PM

Originally Posted by
netkas
boot0 (located on-die) loads lv0 and metldr, both located on NAND/NOR.
metldr loads these modules: lv1ldr (decrypts lv1), lv2ldr (decrypts lv2), isoldr (decrypts isoself), appldr (decrypts apps/games).
So now, we can decrypt/encrypt and sign everything that metldr decrypts.
Thanks for the info. If I read the info, it's impossible for Sony to change metldr at all, meaning every single PS3 in existence as of this point is 100% broken.
-
03-11-2011,09:34 AM

Originally Posted by
jonwil
Thanks for the info. If I read the info, it's impossible for Sony to change metldr at all, meaning every single PS3 in existence as of this point is 100% broken.
It seems they can still change the lv0 loader and ignore metldr. (I wonder why it was needed at all.) That's as of 3.60 (according to KKRT).
So since boot0 is on die, it's GG?