Article: KaKaRoTo Speaks of ECDSA Algorithm - CFW Impossible

[xtrem3x]

Just because ECDSA can't be cracked does not mean someone can't find a different exploit in the PS3 & take advantage of it.

[tthousand]

That is what I am thinking. There are probably many doors that have yet to be opened.

[Mathematician]

As finishing my undergrad in nearly pure mathematics and working on my Ph.D. in applied statistics, I will say that nothing is purely random. Unfortunately I believe the hash algorithms are 1-1 so it's impossible to have two different files with the same hash value but then I'm not a computer expert.

However, do we really want CFW? I think with enough skill, 3.56+ libraries and features should be able to be implemented in 3.55 firmware if you have means to access 3.56+ firmware guts. If you can figure out how K is generated (trust me, it is not being randomly generated and I doubt it is using a time stamp either) you may be able to predict K and thus having higher probability of completing what you need.

[Darkman-PSG]

Games are encrypted with those keys to make it work idk y people cant seem to understand that. If you cant access the private keys there is NO way of making a game work how about this if True Blue can make Final Fantasy XIII-2 work then there is some hope in the scene but like it or not True Blue is all this scene has left.

[ridesideways]

ECDSA systems have been cracked before, and will be cracked again. You just need to understand that the cracking is not done on the EC mathematics (which is indeed *very* secure), instead the cracking is done on the "implementation". This is how the original PS3 keys were cracked, Sony forgot to generate a random number when signing a file (a flaw in Sony's ECDSA implementation), and then the whole ECDSA system for PS3 fell like a house of cards.

There are numerous other exploits/cracks that can bring an ECDSA system down:
1. The private keys get leaked from Sony
2. Hack the piece of code that verifies signatures so that non-authentic signatures are reported as authentic (I don't know enough about the PS3 architecture to say if this is feasible or not)
3. etc. etc.

There is no such thing as a completely secure system. The PS3 is a bunch of chips and code that runs on those chips. Code on any chip can be compromised. With enough research any system can be cracked. It's just a matter of how much resources will it take. It's probably that the PS3 contains another weak point (similar to the random-number fail) and it's just a matter of discovering it.

[uZer]

Like Cartman used to say: "Screw you guys - I'm going home" - I'll just buy xbox if no new games arrive in nearest future...

[Mathematician]

"Games are encrypted with those keys to make it work idk y people cant seem to understand that. If you cant access the private keys there is NO way of making a game work how about this if True Blue can make Final Fantasy XIII-2 work then there is some hope in the scene but like it or not True Blue is all this scene has left."

You are wrong, you only need the public keys =P

"it work idk y people cant seem to understand that." (you couldn't have said it better)

[Darkman-PSG]

@Ridesideways
http://www.youtube.com/watch?v=R2SS0gZ_kKI

Listen to what you are saying Sony made an error that they fixed meaning there is noway it can be cracked now.

[CS67700]

Lets face it, and now i think it's pretty sure to say it : this scene is dead.
What's coming next ? 10059 versions of multiman, 98623 versions of Showtime, 26895 more 3.55 with different themes and plugins (wouhou, cool) and nothing more.

[kada]

Just because ECDSA can't be cracked does not mean someone can't find a different exploit in the PS3 & take advantage of it.

I think same way. When PSP TA 088v3 boards came, CFW stopped. Then founded a way to hack PSP TA088v3 via tiff exploit. Maybe PS3 gives a big open that we can run unsigned apps and patches system calls. Who knows. I dont know about programming and is it possible but maybe plugins(like on PSP) will be adapted to 3.55 CFW. Ok PS3 has great security(over a year passed till 3.55 CFW) but every system has openings...