Interesting approach - thing is: how long did it take to calculate the key?
I'm not an expert in crypto, but if this actually works (in a decent time), it could lead to big fallout.
But they are saying the fault is in OpenSSL and not in generating the ECDSA, so for grabbing the PS3 keys it is not relevant?!
As I understood, OpenSSL was the subject of the research but the core problem is much more general. I don't think all the other ECDSA implementations are paying attention to constant-time execution.
...and if they managed to get the priv key of a TLS server, it worked (in a decent time) :)
But they're saying OpenSSL is faulty not ECDSA itself...
Where is math, when you need a crypto expert?
Which means it has to be investigated but don't get your hopes up.
But only a possibility.
Of course for all I know that's only used for SSL/TLS comms and is nothing to do with the various loaders and their checks, so I may well be talking out of my arse.
Try it - if it really works, I'm sure scientific magazines would publish a paper about it.
The easiest solution is obviously to break into Sony's offices and steal the encryption keys ;)
Or blackmail an employee to do so.