"Keyshuffling Attack for Persistent Early Code Execution in the Nintendo 3DS Secure Bootchain" - (St

Discussion in '3DS - Homebrew Development and Emulators' started by Plailect, Mar 31, 2017.

  1. Plailect
    OP

    Plailect GBAtemp Advanced Fan

    Member
    516
    1,220
    Jan 30, 2016
    United States
(Starring and Watching This Repository Helps Me!)

    View PDF

    Abstract

    We demonstrate an attack on the secure bootchain of the Nintendo 3DS in order to gain early code execution. The attack utilizes the block shuffling vulnerability of the ECB cipher mode to rearrange keys in the Nintendo 3DS's encrypted keystore. Because the shuffled keys will deterministically decrypt the encrypted firmware binary to incorrect plaintext data and execute it, and because the device's memory contents are kept between hard reboots, it is possible to reliably reach a branching instruction to a payload in memory. This payload, due to its execution by a privileged processor and its early execution, is able to extract the hash of hardware secrets necessary to decrypt the device's encrypted keystore and set up a persistent exploit of the system.

    Background

This IEEE article was written by me (Devon "Plailect" Maloney) in association with "stuckpixel", "SciresM", "Gelex", "Normmatt", and "Aurora Wright" in order to strengthen my academic resume for the purposes of college and university applications. Information in this article (especially the keyshuffling vulnerability) is original, independent work unless cited otherwise. Note that the keyshuffling vulnerability detailed here is the same one documented publicly by much of this team including "stuckpixel" (also known as "dark_samus") on sites such as 3DBrew. Additionally, note that the persistence vulnerability detailed here is the same one documented publicly as "arm9loaderhax" by "plutoo", "derrek", and "smea" at the 2015 32c3 conference.

    Starring and Watching the Repository?

    The more exposure and interest this paper generates, the easier it is for me to point to it as good academia for schools to see.

    Authors

- Devon "Plailect" Maloney (Contributor)
- "stuckpixel" (Discoverer)
- "SciresM" (Implementor)
- "Gelex" (Contributor)
- "Normmatt" (Contributor)
- "Aurora Wright" (Implementor)

    _________________________

    Thanks,
    Plailect
     
    Last edited by Plailect, Apr 5, 2017
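The abstract's core point is that ECB encrypts every block independently and deterministically, so anyone who can rewrite the ciphertext can reorder blocks (here, key slots) and the decryption will quietly reproduce the new order. The script below is an added illustration, not code from the paper or from any 3DS tool: it uses a constructed 16-byte Feistel toy cipher as a stand-in for AES (the weakness is a property of the ECB mode, not of the cipher), a constructed four-slot keystore, and a constructed key-encryption key. It then shows the defender's fix: an encrypt-then-MAC wrapper whose tag covers the whole ciphertext rejects the same block swap.

```python
"""ECB block-shuffling demonstration with a standard-library-only toy cipher.

Constructed example: the block cipher, keystore layout and keys below are
invented for this script and are NOT the 3DS's real keystore, cipher or keys.
"""
import hashlib
import hmac

BLOCK = 16  # block size in bytes (same as AES)


def _round_fn(key: bytes, rnd: int, half: bytes) -> bytes:
    # Keyed pseudo-random function for one Feistel round (8-byte output).
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Encrypt one 16-byte block with a 4-round Feistel network (toy cipher)."""
    assert len(block) == BLOCK
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, _xor(left, _round_fn(key, rnd, right))
    return left + right


def toy_block_decrypt(key: bytes, block: bytes) -> bytes:
    """Invert toy_block_encrypt by running the rounds backwards."""
    assert len(block) == BLOCK
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):
        left, right = _xor(right, _round_fn(key, rnd, left)), left
    return left + right


def ecb_encrypt(key: bytes, data: bytes) -> bytes:
    """ECB: every block is encrypted independently with the same key."""
    assert len(data) % BLOCK == 0
    return b"".join(toy_block_encrypt(key, data[i:i + BLOCK])
                    for i in range(0, len(data), BLOCK))


def ecb_decrypt(key: bytes, data: bytes) -> bytes:
    assert len(data) % BLOCK == 0
    return b"".join(toy_block_decrypt(key, data[i:i + BLOCK])
                    for i in range(0, len(data), BLOCK))


def swap_blocks(ciphertext: bytes, i: int, j: int) -> bytes:
    """Swap ciphertext blocks i and j; needs no knowledge of the key."""
    blocks = [ciphertext[k:k + BLOCK] for k in range(0, len(ciphertext), BLOCK)]
    blocks[i], blocks[j] = blocks[j], blocks[i]
    return b"".join(blocks)


# Constructed keystore: four 16-byte "key slots", each filled with its slot
# number so that a reordering is visible after decryption.
KEYSTORE = b"".join(bytes([slot]) * BLOCK for slot in range(4))
KEK = b"constructed-key-encryption-key"  # constructed key-encryption key


def demo_ecb_shuffle() -> list:
    """Return the slot ids as they appear after decrypting a shuffled keystore."""
    ct = ecb_encrypt(KEK, KEYSTORE)
    tampered = swap_blocks(ct, 1, 3)
    pt = ecb_decrypt(KEK, tampered)
    # Decryption "succeeds": ECB carries no integrity, so the reordering of
    # ciphertext blocks is reproduced exactly in the plaintext key slots.
    return [pt[i] for i in range(0, len(pt), BLOCK)]


def _mac_key(key: bytes) -> bytes:
    # Derive a separate MAC key rather than reusing the encryption key.
    return hashlib.sha256(b"mac|" + key).digest()


def seal(key: bytes, data: bytes) -> bytes:
    """Encrypt-then-MAC: the tag covers the whole ciphertext, so block order
    (and every block's content) is authenticated."""
    ct = ecb_encrypt(key, data)
    return ct + hmac.new(_mac_key(key), ct, hashlib.sha256).digest()


def open_sealed(key: bytes, blob: bytes):
    """Return the plaintext, or None if the tag does not verify."""
    ct, tag = blob[:-32], blob[-32:]
    expected = hmac.new(_mac_key(key), ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return ecb_decrypt(key, ct)


def demo_authenticated_shuffle():
    """The same block swap against the authenticated blob: rejected (None)."""
    blob = seal(KEK, KEYSTORE)
    tampered = swap_blocks(blob[:-32], 1, 3) + blob[-32:]
    return open_sealed(KEK, tampered)


if __name__ == "__main__":
    print("slot order after ECB shuffle:", demo_ecb_shuffle())              # [0, 3, 2, 1]
    print("authenticated keystore after shuffle:", demo_authenticated_shuffle())  # None
```

The first demo returns the slots in the order 0, 3, 2, 1 with no error, which is the malleability the paper relies on; the second returns None because the tag no longer matches. In practice an AEAD mode such as AES-GCM gives the same guarantee in one primitive, and a boot ROM that verified the keystore's integrity before using it would not reach the shuffled keys at all.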
  2. WBW

    WBW Member

    Newcomer
    35
    15
    Mar 9, 2016
    Good luck!

    Typo: "reponsible" in the introduction section's first paragraph.
     
    Last edited by WBW, Mar 31, 2017
  3. KiiWii

    KiiWii GBAtemp Psycho!

    Member
    3,817
    1,339
    Nov 17, 2008
    United Kingdom
    Weirdly I went on your GitHub this morning and saw it but was too distracted reading the 3DS guide to query if it was a new thing.

    Congrats it sounds excellent!
     
  4. Giodude

    Giodude Ruler of Italy

    Member
    3,945
    1,169
    May 17, 2015
    United States
    New York
    I'm interested...
     
  5. Stephano

    Stephano I love you Charlie

    Member
    1,231
    1,093
    Feb 18, 2016
    United States
    Engineering Prison
    IEEE? As in Electrical engineering?
     
    Joel16 likes this.
  6. Bullseye

    Bullseye GBAtemp Regular

    Member
    289
    116
    Feb 22, 2016
    I have checked it out. Very interesting. Good luck with school!
     
  7. Plailect
    OP

    Plailect GBAtemp Advanced Fan

    Member
    516
    1,220
    Jan 30, 2016
    United States
    Yeah, it's written to follow their standard. The "Institute of Electronics and Electrical Engineers" includes software too :P
     
    Stephano likes this.
  8. slaphappygamer

    slaphappygamer GBAtemp Maniac

    Member
    1,135
    188
    Nov 30, 2008
    United States
    California
    This is awesome! It's a super technical read that is a bit over my head. Still you've drawn out your progress very nicely. I really like the part "We have demonstrated a keyshuffling attack on the secure bootchain of the Nintendo 3DS in order to redirect code flow into insecure memory."
     
  9. GerbilSoft

    GerbilSoft GBAtemp Addict

    Member
    2,085
    2,307
    Mar 8, 2012
    United States
    This is the "OTP-less" exploit, right? Did you ever figure out what caused the random bricks with SafeA9LHInstaller when using OTP-less?
     
  10. evandixon

    evandixon PMD Researcher

    Member
    1,674
    796
    May 29, 2009
    United States
    Good work. You've earned my star. I did notice a minor typo though. "Importantly, This register is not cleared until the ARM9 firmware binary clears it..." <-- "This" should not be capitalized.

    Content question: Wasn't the extra encryption layer the new 3DS introduced called the Kernel9Loader and not the ARM9Loader? Looking at 3D Brew, both are used, so is there a difference between them, or was it renamed to ARM9Loader without all references to Kernel9Loader being replaced?
     
  11. Arck

    Arck GBAtemp Advanced Fan

    Member
    764
    353
    Mar 13, 2016
This is just OTPLess but with explanation right?

    btw interesting
     
  12. Plailect
    OP

    Plailect GBAtemp Advanced Fan

    Member
    516
    1,220
    Jan 30, 2016
    United States
    Yep, this described otpless and a9lh in detail.
     
  13. proflayton123

    proflayton123 Undeclared Shitposter 2.1

    Member
    5,811
    2,164
    Jan 11, 2016
    Japan
    日本
    101 guests and 10 members viewing, also interest :3
     
  14. Stephano

    Stephano I love you Charlie

    Member
    1,231
    1,093
    Feb 18, 2016
    United States
    Engineering Prison
That's really interesting. I didn't even know IEEE dabbled in that area. I'm only a sophomore EE student so I'm not too far in it yet
     
  15. Plailect
    OP

    Plailect GBAtemp Advanced Fan

    Member
    516
    1,220
    Jan 30, 2016
    United States
    Typo has been fixed. It's called either one depending on who you ask.
     
  16. Zidapi

    Zidapi GBAtemp Psycho!

    Member
    3,033
    1,817
    Dec 1, 2002
    I hope everyone gets behind you and stars/watches this.

    You've made huge, invaluable contributions to this community, it's time we all give back and help you out.