Hacking Finding the 3DS Common Key

[ichichfly]

soooo just say someone gets the commonkey what do you do with it?

the commonkey can be used to decrypt parts of the 3DS software from the nin update server

once we find it cant nintendo just update the system and change the key

most likely only for new data and we are most likely also able to get the new key because we can decrypt the updates with the key

if the 3DS dose something like Modcrypt (DSi) than the key is useless.

 

[3DSGuy]

soooo just say someone gets the commonkey what do you do with it?

The common key can decrypt the encrypted title key from the ticket of NUS downloads, so you can decrypt content and get title CXI, or what ever the content of the download is supposed to be.

 

[Deltaechoe]

soooo just say someone gets the commonkey what do you do with it?

the commonkey can be used to decrypt parts of the 3DS software from the nin update server

once we find it cant nintendo just update the system and change the key

Yeah and have everyone buy a new copy of all the games they already have

 

[Rydian]

once we find it cant nintendo just update the system and change the key

Yeah and have everyone buy a new copy of all the games they already have

Actually this was the reasoning everybody had when the PS3 keys were found. Everybody was so certain it was the end. I believed it too, I was mag staff back then and reported such since we didn't have any reason to believe otherwise.

Then Sony changed the keys and did firmware updates with a whitelist for the old game discs...

 

[Deltaechoe]

once we find it cant nintendo just update the system and change the key

Yeah and have everyone buy a new copy of all the games they already have

Actually this was the reasoning everybody had when the PS3 keys were found. Everybody was so certain it was the end. I believed it too, I was mag staff back then and reported such since we didn't have any reason to believe otherwise.

Then Sony changed the keys and did firmware updates with a whitelist for the old game discs...

I was just being sarcastic, nintendo wouldn't force users to rebuy software as that would be consumer relations suicide. They would certainly pull a similar trick to the one that sony used to allow the old legally acquired software to be used unhampered

 

[Shaohs]

I admit that I am a noob but I don't think it is possible to do that
The DSI was hackable because Nintendo did not even try to prevent it. But then again I guess it could because I saw some person who was in last place in MK and he somehow got in first :\
It may take a few years though
I know I do not make any sense to some of you

 

[nukeboy95]

I admit that I am a noob but I don't think it is possible to do that
The DSI was hackable because Nintendo did not even try to prevent it. But then again I guess it could because I saw some person who was in last place in MK and he somehow got in first :\
It may take a few years though
I know I do not make any sense to some of you

DINT TRY if they dint try there whud be homebrews on day 1

 

[megavirus1994]

i think this idea is pretty good
i mean the the number of keys that the 3ds could have are maybe a few trillion or so but that doesnt mean that the code might be found by the 10nth attempt
sure the possibility of that happening is like 0.00000000000000000000000000 (couple more thousand 0s) 1%
but its just a possibility
so if someone could make a program that people can run using a server for all tried keys worldwide or something on their pcs in the background i would run it the whole time my pc is on
someone is probably gonna get a proper exploit before the key is brute forced, but its still just a chance and lets everyone help crack the 3ds

 

[_V1qY]

i heard a rumor that sony leaked it, aparently it starts with 7

 

[totalnoob617]

i heard a rumor that sony leaked it, aparently it starts with 7

are you being sarcastic?
funny i think that the epic fail that FoF found wheree there was a random # generator for one the values and it always returned a value of 7 , thats how geohot got the metloader key

 

[SifJar]

are you being sarcastic?
funny i think that the epic fail that FoF found wheree there was a random # generator for one the values and it always returned a value of 7 , thats how geohot got the metloader key

No it's not. fail0verflow joked that that was how Sony got the random number for the algorithm (they showed an xkcd comic with a joke function), it was not actually how it happened. The real number would have been a rather large hexadecimal number (probably 128-bit i.e. 16 digits long). Also, the number in the comic was 4, not 7 IIRC.

 

[Deltaechoe]

are you being sarcastic?
funny i think that the epic fail that FoF found wheree there was a random # generator for one the values and it always returned a value of 7 , thats how geohot got the metloader key

No it's not. fail0verflow joked that that was how Sony got the random number for the algorithm (they showed an xkcd comic with a joke function), it was not actually how it happened. The real number would have been a rather large hexadecimal number (probably 128-bit i.e. 16 digits long). Also, the number in the comic was 4, not 7 IIRC.

No encryption key is that small, that would be stupid (referring to the 7, not the 128 bit number which is more reasonable, relatively prime factors ftw)

 

[Pong20302000]

wasnt the Ps3 one found the in code

that was labled

Return Random Number 4

so the number wasnt random, it was always 4 LOL

 

[SifJar]

wasnt the Ps3 one found the in code

that was labled

Return Random Number 4

so the number wasnt random, it was always 4 LOL

Did you not read my post? No. That was a joke. fail0verflow used the comic posted here: https://xkcd.com/221/ as a joke because the "random" number was always the same. The real number used was neither 4 nor 7.

 

[Pong20302000]

wasnt the Ps3 one found the in code

that was labled

Return Random Number 4

so the number wasnt random, it was always 4 LOL

Did you not read my post? No. That was a joke. fail0verflow used the comic posted here: https://xkcd.com/221/ as a joke because the "random" number was always the same.

lol i didnt read your post LOL

 

[totalnoob617]

i dont think it was a joke, it doesnt mean the hex key is 1 number it just means that the supposed random number generator that provides 1 of the integers of the equations always returns 4 so it gives you another value making it easier to solve the equation because now you only have to solve for 1 variable instead of 2 , or for 2 instead of 3 thats how seghr calculated the key

 

[SifJar]

i dont think it was a joke, it doesnt mean the hex key is 1 number it just means that the supposed random number generator that provides 1 of the integers of the equations always returns 4 so it gives you another value making it easier to solve the equation because now you only have to solve for 1 variable instead of 2 , or for 2 instead of 3 thats how seghr calculated the key

It is a joke. That comic was made by xkcd before anyone knew of Sony's failure in the PS3's security system. fail0verflow showed it because Sony always used the same random number, instead of using a new random one each time like they were meant to. The number they used was NOT 4. (How many times does it take to say something before people will accept it?)

 

[totalnoob617]

oh ok i see but it still just returns the same number,,not literally the number 4 , but the same vale each time for what was supposed to an unknown random value , for one of the ecdsa variables , so its no longer an unknown variable ,which allowed them to solve for the private key

 

[SifJar]

oh ok i see but it still just returns the same number,,not literally the number 4 , but the same vale each time for what was supposed to an unknown random value , for one of the ecdsa variables , so its no longer an unknown variable ,which allowed them to solve for the private key

The penny drops

 

[Dyreath]

All we need to do is solve P vs NP and we could find the number instantaniously.