Can the Switch's private key get leaked?

  • Thread starter Thread starter Deleted User
  • Start date Start date
  • Views Views 4,626
  • Replies Replies 2
Status
Not open for further replies.
D

Deleted User

Guest
I wrote this thread intending to post it in the Switch hacking section but it belongs in the EoF

The purpose of this thread is to have some fun making a logical guess. We have no way of knowing for certain what Nintendo does. The private key will probably never get leaked.

To my understanding, the private key is used to sign code. The only two ways to make a Switch run code are to sign it or exploit a security glitch. The private key is not stored on the Switch.

The only ways to obtain a private key are to bruteforce it, exploit a glitch to calculate it or get it from Nintendo.

The private key is 2048 bits long and will take millions of years to bruteforce using today's hardware. In a few decades we might be able to use quantum computers to bruteforce it within our lifetimes. By then the Switch will be obsolete.

Back in 2011 Sony got fucking pissed and probably fired a few engineers. A group of hackers discovered a glitch in the PS3's random number generation which allows the private key to be calculated. When properly implemented private keys are impossible to calculate. There is no known method to calculate the Switch's private keys, we will probably never find one.

The third option is the main purpose of this thread. Can we somehow get it from Nintendo? Unlikely. Nintendo probably goes all out on security to minimise the possibility of the private key getting leaked. Lets discuss this anyway, just for fun. I'm making some big guesses in the text below.

In Nintendo's office in Kyoto there is a computer which contains the private key and is used to sign Switch code. If Nintendo loses the private key they are fucked, backup copies are stored in several different physical locations in Japan.

The computer in Kyoto used to sign code is offline, stored behind armed guards and all logins must be approved by another staff member and are logged. Not just any staff member can login or approve a login. These staff members must pass a psychological assessment and be Japanese citizens on top of the passing police checks and signing a non-disclosure agreement like all the other staff members. Staff members don't need to see the private key, only put the code through a signing program.

To actually see the private key an engineer needs to make a request, providing a good reason why he needs to see the key to do his job. If his request is approved, only then can he see the private key. He also needs to meet the criteria described above.

The key is stored in other physical locations in Japan. Copies of the key are locked in safes protected by armed guards. The safes are only opened when the security company managing them authorities for them to be opened.

If, despite these measures the private key does get leaked Nintendo will send their private investigators in for the hunt then call their lawyers in for the kill. Those who played a role in leaking the private key will get sued and go to jail. Japanese jails include forced labour.

So can someone on GBAtemp get a job for Nintendo and leak the keys? If he is an accomplished cybersecurity professional, speaks fluent Japanese, manages to fool the psychologists who assess him, is or is willing to become a Japanese citizen and is willing to crucify himself for the sake of people who will call him a dumb fuck when he gets caught, then yes.
 
Sony did store the PSP private keys in the PS3, hence some of the stuff there. Whether Nintendo would do something similar I don't know. Main thing I might expect to see there is a repair centre is given a tool to sign a unique piece of code to fix an error and it gets leaked.

You mentioned the PS3 elliptical failure with shared/repeated randoms. I am not expecting too much like that here.

There is the related one of signing/encrypting an all zero file. While a known plaintext can yield some things that might be undesirable (if nothing else many a game company might not care for people poking through the game's files and making cheats) the all 00 stuff can be a different matter. I imagine they have an if all zero check for their files to be signed. I don't know at this point what algos are used and what they would be vulnerable to here.

You could possible render it a moot point. Sign enough broken firmware versions of maximum number that blacklisting gets tricky, or have some similar fun that for the sake of consumers they have to abandon efforts (they are not going to replace all currently sold and possibly on shelves ones). Might not have to be quite so blatant either if you could include a debug mode. Depending upon what goes you might also be able to be one of their trusted partners -- far easier to infiltrate a game developer that might be in a trusted position (Steam had one a while back that was found, Apple have had any number of benign applications include things they don't care for, I did see that thing recently where the game had a programming language inbuilt), and possibly suggest a firmware be made that has less scrutiny applied.

Quantum computing could get made at a workable level so a nice go on Shor's algorithm might yield the thing, likewise there are lists of prime numbers already out there (the various leaks from security agencies included a few) so if it is on one of those in the future then even better. I don't know if primality testing will have some kind of breakthrough either, or if they used such testing on a number and it came back as prime despite not being prime which also gives a few options there. While brute force is estimated as taking ridiculous numbers of years to find it is not certain to be so, though as I doubt anybody is running such a thing with any notable amount of power... yeah.

"Those who played a role in leaking the private key will get sued and go to jail."
Now you are thinking like a Japanese person. Get to some non extradition country (can't find a nice list but http://www.moj.go.jp/ENGLISH/m_keiji09_00011.html is a start) before the leaking, or fake your death or otherwise vanish and it is all good.
Similarly why go for trusted person infiltration when Mission Impossible, or for the more blackhat types the Goldfinger*, options are potentially available. Depending upon time pressures then the secondary/backup keys might be more vulnerable.


*I don't know if I want to spoil a James Bond film really.

The villain's plan is to radioactively taint all the gold in Fort Knox in the US, a significant chunk of the supply and thus drive gold prices up (he also had a decent supply) through scarcity.
 
  • Like
Reactions: Subtle Demise
Broke into Nintendo HQ for this, don't say I never give you anything.

E4886AA4940D1F282DB32FA2716E177FF3A53507868EA259EF69A3399DF4FA2D0DFC9B6A65DC414158ACBE76A12B57E71661318A8857D64888E87C029FAC29156F2457157CB1A320535D923D122E4F5C719B78A24E96F822575AC98CD47BDAFB3C280BD2A5FD5D8C08E723B7D82A46CFF95FEB663EA5F944C8146DD249905854

--------------------- MERGED ---------------------------

I don't know if I want to spoil a James Bond film really.
I think a worse spoiler would be what happens at the end of OHMSS.
 
  • Angry
Reactions: unenwithtfloppa
Status
Not open for further replies.

Site & Scene News

Popular threads in this forum