3DS Private Key Theory

Discussion in '3DS - Flashcards & Custom Firmwares' started by RoyalCardMan, Jul 26, 2011.

Thread Status:
Not open for further replies.
Jul 26, 2011

3DS Private Key Theory by RoyalCardMan at 7:10 AM (4,117 Views / 0 Likes) 15 replies

  1. RoyalCardMan
    OP

    Member RoyalCardMan DS App Studio™ Developer

    Joined:
    Aug 11, 2010
    Messages:
    628
    Location:
    In the middle of gun fire.
    Country:
    United States
    When I was eating dinner, I started thinking about how everyone is trying to find the Private Key that would allow people to play homebrew on the Nintendo 3DS. Well, you may think that this theory sounds crazy, but it could be why it was impossible.

    When people are trying to find the private key, they are looking for specific values. They think that it will just be one huge value of certain numbers, letters, etc. But what if they are embedded within a huge key? Take this for example:

    XFADS92435K834523KDSA23253 - Not real

    You may think (if it was real) that this was the private key. Now, it may just seem impossible that it would work, but look within the code:

    XFADS92435K834523KDSA23253

    Maybe the Private key relies on a pattern. For example, if a game had the value of:

    XFADG56435K0DF523KLO12325I

    It may not seem the same, but the Nintendo 3DS would still accept it because they had these values and in the correct order.

    Well, if this theory was true, I would have a solution. What could be done is get 5-10 ROMs (games made by other companies) and examine the code. Now, from here, comparing all the values, you could see which one is most commonly used. Using these values, you could put them together, and voilà. The private key.

    Now, if you want to test this, I guess you can, but I can't since I don't have the proper equipment to do so.

    Tell me what you think. If this is in the wrong section, I am sorry.
     
  2. JinTrigger

    Member JinTrigger Asentrix Studios

    Joined:
    Jun 25, 2008
    Messages:
    1,550
    Location:
    Lunesta/Mysteria
    Country:
    United States
    I think I see what you are saying...Nice theory in my opinion.
     
  3. RoyalCardMan
    OP

    Member RoyalCardMan DS App Studio™ Developer

    Joined:
    Aug 11, 2010
    Messages:
    628
    Location:
    In the middle of gun fire.
    Country:
    United States
    Well, maybe I'll start a team to test this theory.

    If anybody wants to see if this works, just PM me. I want to get the Nintendo 3DS working with homebrew and such.

    EDIT: This is my second theory.

    Well, yes, the system would work similar to the first theory, but instead of keeping the same unneeded (the values not part of the actual Private Key) values, the Nintendo 3DS firmware actually randomizes the values. This would allow them to make sure people would have a harder time matching up the values of the Private Key.

    For example:

    XFADS92435K834523KDSA23253

    Then, the next time the Nintendo 3DS does a certain action (whatever action that would be), the code would somewhat be randomized to hide the code:

    XFADS92435K244523KDSA23259

    Now, it wouldn't matter what the other values were, as long as the values stayed the same, including the order of the values, it would still work.

    EDIT2: I will be asking a relative of mine to lend his Nintendo 3DS to me, since he has always wanted to play homebrew on his Nintendo 3DS.
     
  4. ChrisRX

    Member ChrisRX GBAtemp Fan

    Joined:
    Nov 8, 2006
    Messages:
    490
    Country:
    United Kingdom
    I've said it many times before but I guess it's still relevant. The people who are actually smart enough to break software and hardware security are not the sort of people who frequent this forum. They have much more knowledge than most (if not all) of us and everything that gets suggested I'm sure they have already thought of.

    In reality it's going to be nowhere near as simple as your suggestion and there would be months if not years of additional work. As I'm sure you know you can't just find a key and then poof, homebrew. There would be all sorts of encryption algorithms to crack on the software side and even more to investigate on the hardware side.

    I do commend you for actually sounding more intelligent than most people who make suggestions but in short, if we think of anything that may help towards the hacking efforts, chances are the experts have already tried it.
     
  5. RoyalCardMan
    OP

    Member RoyalCardMan DS App Studio™ Developer

    Joined:
    Aug 11, 2010
    Messages:
    628
    Location:
    In the middle of gun fire.
    Country:
    United States
    Well, actually the example I gave was just a poor example. As I said, this is just a theory. Second of all, I am actually testing this using different mathematical equations. That comes with my theory, but I didn't have the time to post it.

    You see, there is an important part I forgot to include. These parts of the Private Key would need to be put together in such a way that it would mostly be encrypted. In other words, the values of the private key would have to go through a mathematical problem, and the evaluation would have to be evaluated with another type of equation, something like an encryption of using mathematical equations to hide the actual Private Key.

    As I said, it is just a theory. I have so many more.

    Edit: And I speak the way I do because I want others to understand what I am doing.

    Also, please don't insult my intelligence. I have been programming for many years (with so many programming and scripting languages). I would understand how encryptions work.
     
  6. Kyohack

    Newcomer Kyohack Advanced Member

    Joined:
    Mar 27, 2010
    Messages:
    98
    Location:
    Las Vegas, Nevada
    Country:
    United States
    You have completely misunderstood the concept of the private key and the common key. To get a general understanding of how this works, see here: http://en.wikipedia.org/wiki/Public-key_cryptography

    You see, it isn't possible to obtain the private key, since only Nintendo has it. Instead, you would have to hack Nintendo's implementation of the private key cryptography system. Perhaps you would instead try to create a buffer overflow within the module that verifies the signed Title Meta Data.

    However, before you try that, there is more hope that an exploit would be found in the 3DS browser, rather than attempt to hack Nintendo's implementation of the private key cryptography system. Since the browser is standardized, and since source code is available, we can determine exactly which vulnerabilities still exist within the browser (the browser is ancient, and contains tons of bugs). In fact, TeamTwiizers successfully created a buffer overflow that froze the entire system. I witnessed this. All that needs to be done, is attach an executable payload.

    You need proof? Go here in your 3DS internet browser. It will freeze your 3DS, and you will be forced to turn it off, and turn it back on again. (also proves that the browser isn't sandboxed, which is a HUGE relief)
     
  7. naved.islam14

    Member naved.islam14 Gbatemp's Official Dark Knight™

    Joined:
    Sep 12, 2009
    Messages:
    968
    Location:
    Gotham
    Country:
    Sri Lanka
    Nice theory, but I don't think Big N would work so hard on security like $ony.
     
  8. RoyalCardMan
    OP

    Member RoyalCardMan DS App Studio™ Developer

    Joined:
    Aug 11, 2010
    Messages:
    628
    Location:
    In the middle of gun fire.
    Country:
    United States
    So, what I am getting from the article is from the private key, it uses a random mathematical equation to determine the public key. Well, couldn't you use patterns (not easily) to determine the private key? I could do that.
     
  9. nutella

    Member nutella Low Glycemic Index

    Joined:
    Sep 4, 2008
    Messages:
    1,097
    Location:
    Your nearest supermarket
    Country:
    Australia
    Sorry, had to be done.
     
  10. Nathan Drake

    Member Nathan Drake Obligations fulfilled, now I depart.

    Joined:
    Jan 2, 2011
    Messages:
    6,192
    Country:
    Antarctica
    This won't be as easy as you are trying to make it sound. There are reasons that there are dedicated teams of hackers that work hard as hell to figure this stuff out. If it was simple in any possible way, we would have had news about the system being cracked within the first week of it releasing.
     
  11. RoyalCardMan
    OP

    Member RoyalCardMan DS App Studio™ Developer

    Joined:
    Aug 11, 2010
    Messages:
    628
    Location:
    In the middle of gun fire.
    Country:
    United States
    I know it ain't easy. I have been looking at one code file for like 10 hours so far, and have only gotten barely anything so far. I never said it was easy.

    It was just a theory, which I am actually thinking might be true from what I am seeing so far within the code.
     
  12. jwcgator

    Member jwcgator GBAtemp Regular

    Joined:
    May 10, 2007
    Messages:
    140
    Country:
    United States
    That's not how a private-public key system works at all.... you are literally wasting your time.


    I'm not 100% on the details of cryptography, but I do know that the public keys (which are used to decode things encrypted by the private key) are comprised of a bunch of crazy multiplications of the private key and random numbers that we cannot just "see the pattern" in. There is absolutely no way in the world you're going to find the private key by looking for patterns, I promise.
     
  13. WiiUBricker

    Member WiiUBricker Insert Custom Title

    Joined:
    Sep 19, 2009
    Messages:
    5,821
    Location:
    Espresso
    Country:
    Argentina
    The private key is just a big random number that can't be found/exploited/cracked etc. The only possibilities are:

    1) A Nintendo engineer releases it to the world wide web (not gonna happen)
    2) Bruteforcing it (only if the South Pole melts and Sony hires GeoHot)

    Basically this topic is garbage.
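    Added example (not code from any poster in this thread, and not Nintendo's actual scheme): a toy RSA signature in Python that shows what Kyohack and jwcgator describe and why WiiUBricker's "big random number" cannot be collected from signed titles. The console side verifies with only the public (n, e), and signatures over different titles share no common byte positions to hunt for; the 512-bit key size, the seed and the title data are constructed for illustration.

    ```python
    import hashlib
    import random
    def is_probable_prime(n, rng, rounds=32):
        """Miller-Rabin test for odd n > 3; rng is a random.Random so runs are reproducible."""
        r = ((n - 1) & (1 - n)).bit_length() - 1  # n - 1 == d * 2**r with d odd
        d = (n - 1) >> r
        for _ in range(rounds):
            x = pow(rng.randrange(2, n - 1), d, n)
            if x in (1, n - 1):
                continue
            for _ in range(r - 1):
                x = pow(x, 2, n)
                if x == n - 1:
                    break
            else:
                return False
        return True

    def gen_prime(bits, rng):
        """Draw odd candidates with the top bit set until one passes the test."""
        while True:
            cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
            if is_probable_prime(cand, rng):
                return cand

    def keygen(bits=512, seed=None):
        """Return ((n, e), (n, d)); the private exponent d never leaves the signer (toy size, constructed)."""
        rng = random.Random(seed)
        e = 65537
        while True:
            p, q = gen_prime(bits // 2, rng), gen_prime(bits // 2, rng)
            phi = (p - 1) * (q - 1)
            if p != q and phi % e:  # e must be coprime to phi
                return (p * q, e), (p * q, pow(e, -1, phi))

    def sign(private, data):
        """Signer side: SHA-256 the title data, then apply the private exponent."""
        n, d = private
        h = int.from_bytes(hashlib.sha256(data).digest(), "big")
        return pow(h, d, n).to_bytes((n.bit_length() + 7) // 8, "big")

    def verify(public, data, sig):
        """Console side: only (n, e) is needed; any change to data or sig fails."""
        n, e = public
        h = int.from_bytes(hashlib.sha256(data).digest(), "big")
        return pow(int.from_bytes(sig, "big"), e, n) == h  # 256-bit h < 512-bit n

    def shared_byte_positions(sigs):
        """Offsets where every signature has the same byte: the 'common values' the thread hunts for."""
        return [i for i in range(len(sigs[0])) if len({s[i] for s in sigs}) == 1]
    ```

    Signing several constructed titles with the same key and calling shared_byte_positions on the results returns an empty or near-empty list, which is exactly why comparing ROMs for repeated values yields nothing about d.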
     
  14. ferret7463

    Member ferret7463 GBAtemp Advanced Fan

    Joined:
    Sep 21, 2010
    Messages:
    590
    Country:
    United States
    Here's an idea, get one of those hacker groups who infiltrate stuff like the NATO servers and have them do the same to Nintendo. Then they can release the secret of the 7 herbs and spices?
     
  15. RupeeClock

    Member RupeeClock Colors 3D Snivy!

    Joined:
    May 15, 2008
    Messages:
    6,307
    Country:
    United Kingdom
    That's eleven herbs and spices, and they along with the original handwritten recipe with measurements are kept in a very tightly secured vault.
     
  16. p1ngpong

    Supervisor p1ngpong Legit Boss Harold

    Joined:
    Apr 18, 2008
    Messages:
    6,295
    Location:
    DS Scene
    Country:
    Croatia
    Yet another "I have a theory on how to hack the 3DS" thread?

    As ChrisRX said:
    So yeah, I'm just going to close this.
     