DSiWare Exploit Sudokuhax

[loco365]

No, the "master" or encryption keys are NOT stored in the system. If you watch the presentation the guys did on the PS3 keys, they explain how info they found in the system let them use math to figure the key out.

It's long, you might want to skip to the keys part.

Interesting. I guess that calculation is not the same as the DSi key, though. I would be surprised if the key's calculation method was the same as the Wii's. I doubt it though. What lead me to think it was in the system is because the key is recognized across every system made, and if it verifies the key, it would allow it, and since there is one for each console specifically and one for all of them, the key would be in the system to verify it.

 

[chyyran]

Well, lets keep our hopes up

yellows8 // Jan 28, 2011 at 12:38 pm

TB: Support for DSi SD card was committed,(doesn’t work for SDHC AFAIK) you can track DSi changes by the DevKitPro svn logs and the libnds tracker patches.

We’re working on another exploit. We tried to find vulns in the free DSiWare for ages but never found anything.

 

[martin88]

Got my copy of Sudoku in time.

Hopefully this will lead to ability to run DSiWare titles.

 

[Schnida]

Well, lets keep our hopes up

yellows8 // Jan 28, 2011 at 12:38 pm

TB: Support for DSi SD card was committed,(doesn’t work for SDHC AFAIK) you can track DSi changes by the DevKitPro svn logs and the libnds tracker patches.

We’re working on another exploit. We tried to find vulns in the free DSiWare for ages but never found anything.

C'mon Guys. I have 1200 Shop Points atm. I do not care what game you will use for the next exploit

 

[chyyran]

And it's a DSiWare hack again

yellows8 // Jan 29, 2011 at 2:57 pm

ron975, yes more DSiWareHax.

 

[SifJar]

YOU don't seem to understand. All Master Keys are stored in systems. Goes for the Wii, PS3, DSi, etc. The decryption key is in the NAND, from what I understand.

Decryption key? Yes. "Master key"? No.

QUOTE(Team Fail @ Jan 29 2011, 09:39 PM) Interesting. I guess that calculation is not the same as the DSi key, though. I would be surprised if the key's calculation method was the same as the Wii's. I doubt it though. What lead me to think it was in the system is because the key is recognized across every system made, and if it verifies the key, it would allow it, and since there is one for each console specifically and one for all of them, the key would be in the system to verify it.

It is the exact same algorithm used for any system that uses AES128 encryption (or is it AES256? I'm pretty sure its AES of some sort - Used in Wii and DSi. PS3 uses different encryption algorithm I belive - ECDSA or something like that). That doesn't help at all though. The reason the PS3 keys could be calculated was Sony made a monumental screw up in implementing that algorithm. Nintendo seem to have done it properly (which I believe isn't hard if you read the specs before implementing it), which makes it impossible to calculate by mathematical means. The Wii's private key has never been calculated/found, and it is very unlikely the DSi's will be either.

The private key isn't needed on each system, because that's the whole point of public-private key crypto. Stuff is signed with private key, then decrypted and verified with the public key. I have no idea how this works, but it does. And it means that the only copy of the private key is in Nintendo HQ, probably only ever been seen by a few people.

 

[Goofy Time]

And it's a DSiWare hack again

yellows8 // Jan 29, 2011 at 2:57 pm

ron975, yes more DSiWareHax.

Does this mean they have more DSiWare hacks planned?

 

[Ziggy Zigzagoon]

...time to scramble for more Wii Points.

 

[Rukia-san]

Oh, nice!
I might sound paranoid, but I'm waiting with this one until there's an offline patcher that doesn't collect the specifics of my DSi available. I really can't see why this has to be done the way it's done now, unless Twiizers have some use of the collected data.

So true but I patched my game nonetheless I didn't want to miss the upportunity but now that I think about it... Do you guys know what kind of data was sent? Don't tell me there is the Nintendo Club ID or the visa numbers or something private? I'm kinda scared now.

 

[Rydian]

Well, how did the Wii one result? Was it the same?

We don't have the Wii's "master" key, only the decryption key.

 

[SifJar]

Oh, nice!
I might sound paranoid, but I'm waiting with this one until there's an offline patcher that doesn't collect the specifics of my DSi available. I really can't see why this has to be done the way it's done now, unless Twiizers have some use of the collected data.

So true but I patched my game nonetheless I didn't want to miss the upportunity but now that I think about it... Do you guys know what kind of data was sent? Don't tell me there is the Nintendo Club ID or the visa numbers or something private? I'm kinda scared now.

Most likely to try and stop Nintendo from seeing the actual hack as much as possible. Just a guess of course.

 

[CarinioBrutal]

So what system version does it need for the Dsi homebrew to work? do i need to download the latest version?

 

[chyyran]

Basically, as of writing time, Sudokuhax is busted. If you weren't one of the 234 people who got it, then you don't have DSiBrew.

 

[caitsith2]

Actually, if you have had that version, It is still possible for those that have bought it in the past, to redownload it if they have lost every local copy they ever had.

Even though the title isn't listed in the main shop, if a person has bought it, it will be listed in their "Titles you downloaded" under the setting part of the shop channel, and it can be downloaded from there.

As of me writing this post, there are 268 people that have sudokuhax for sure. THere may still be more people out there that have purchased that game at some point.

 

[DiZ420]

i bought sudoku

 

[Schizoanalysis]

Well, lets keep our hopes up

yellows8 // Jan 28, 2011 at 12:38 pm

TB: Support for DSi SD card was committed,(doesn’t work for SDHC AFAIK) you can track DSi changes by the DevKitPro svn logs and the libnds tracker patches.

We’re working on another exploit. We tried to find vulns in the free DSiWare for ages but never found anything.

C'mon Guys. I have 1200 Shop Points atm. I do not care what game you will use for the next exploit

Please let it be available on Japanese DSiware too this time!!!!!

I missed out the other time as I have a Japanese console.

 

[BlueStar]

Glad I downloaded it early

 

[8BitWalugi]

I own EA Sudoku on my DSI. It is not available for purchase on my DSiXL, which shares the same Club Nintendo account. I find that interesting, at least in the way that the big N sees each handheld as a different entity, even if they know the same person owns them.
Club Nintendo Account =/=DSi Shop Account.

QUOTE(kaputnik @ Jan 28 2011, 02:01 PM) Oh, nice!
I might sound paranoid, but I'm waiting with this one until there's an offline patcher that doesn't collect the specifics of my DSi available. I really can't see why this has to be done the way it's done now, unless Twiizers have some use of the collected data.

So true but I patched my game nonetheless I didn't want to miss the upportunity but now that I think about it... Do you guys know what kind of data was sent? Don't tell me there is the Nintendo Club ID or the visa numbers or something private? I'm kinda scared now.

You're being a bit TOO paranoid. That info is stored with Nintendo with your DSi Shop Account details.

 

[opal]

i got the game but still haven't tried it, just waiting for something better. I think there are much more people who think just like me and they are just waiting with the game purchased

 

[TwoBladedKnight]

I had the sudoku game since I first got my DSi

I got the haxx!