Homebrew Nintendo taps RSA for encryption

Thread starter: Luse
some points to nail:

the RSA itself is strong and you will not decipher it just like that... but... if the mountain doesn't come to the prophet the prophet comes to the mountain... meaning exactly what i (and somebody else) have already said:

the game sends the data over an encrypted channel. the other side has to decrypt it. the DS is the decryptor and the game has the key(s). in other words: once you have duplicated the content of the cartridge the RSA is at your mercy.

* removed * zzzzz... don't post at 3am... it yields crap

it's like always: a 1:1 copy solves your problem. you just need to invest time into finding a way to do this. there is no need for cracking an RSA key. the worst thing you can do is include the key with the game on the cartridge. but this is the only way how they can do it as if they store the key in hardware it would be only a matter of time until somebody finds the appropriate memory chunk in the ROM of the firmware.

thus the DS will be banged... the question is just when. let's make a poll for it

this is why i have the biggest amount of respect for emulation people and such, because i didn't understand a word you just said, but it sounds good. very thankful to all in the emulation world for making this stuff possible, cause heck most of us have no idea what we would be doing
 
Isn't RSA a really hard thing to crack?
...Seems really really hard O.o
Only 2 questions... Why? and What for?
I don't care about what 2 DS are talking to each other.... I only care about being able to "back up" (copy) a DS card and using it in another DS... what else do you need?
 
Hmm. I guess I must not be communicating my point of view very well. Does anyone here truly know the nature of RSA keys? It's not as if they're stored plain text in the DS ROM to be harvested and used at will. Plus, as previously mentioned, it won't affect ROM dumping - merely playing pirated ROMs together via 2-player wireless, and other wireless transfer options.

I'm not against dumping the cartridges, or anything else along those lines - I simply think many people don't realize that RSA encryption is not just something that can be 'cracked' the way CD-protections and whatnot generally are. Sure people can try, but it's not something that's going to yield results in the same way, or particularly fast.

Edit: ..and for those following DarkFader - it's not necessary to try and dump the games over the wireless connection anyway - he's already done it another way.
 
I don't think this will keep it from happening forever, but it will probably impede it from happening during the bulk of the life of the DS. Which is what Nintendo is probably shooting for, seeing how GBA emulation has probably hurt the sales in ways they didn't initially plan for.

I'm still waiting for CPSIII emulation and games for that board were released five and six years ago.

So while it certainly may come eventually, nothing is ever absolute when it comes to these things. (Usually the harder something is, the more "hackers" it attracts, as they want to be the one to figure out the problem no one else can.)
 

aha! I thought you were talking about dumping roms entirely... not about not being able to play multiplayer with a dumped rom. In that case I can see it being a hindrance for multiplayer.
 
If Nintendo has learned from the experiences with GBA flash cards and piracy (and I'd be sorry for them if they didn't), copying DS cards might be next to impossible with a proper implementation of the encryption system.

RSA is (at least nowadays) absolutely safe, if they didn't make some bad mistakes, since the algorithm itself is well known and analyzed to death.

Different and safe (= long and random) keys for different games, keys stored in a safe area which is not readable with common means (except for scanning electron microscopes, perhaps), there you go.

Technology is improving constantly, and there are encryption systems like Nagravision inside cheap and properly designed smartcards for pay-TV which have been out for years and are still not cracked. Why shouldn't Nintendo be able to achieve this?
 
Well I think there is more interest in cracking something like this, than there would be for pay-TV smartcards.

I'm not saying it will happen anytime soon, but in the cases like this, like the production of emulators for new platforms, it would seem people are willing to work on it for years and years to get it to work. (Saturn emulation is just now getting started, but only is now because of the work of a guy for years.)

Though I don't think it bothers Nintendo if their games are cracked ten years from now, or even five or six. (Well, it bothers them, but they would much rather have it take that long than have games being released to the general public alongside their commercial release.)

They are just trying to, this go round, get as much of the money during the life of the system as they can. Sales will drop off after the system is over and done with, and then Nintendo will care less about people cracking, so they are hoping the new protections will keep hackers busy for at least that long. (Though the lifespan of a handheld is usually shorter than a console's, who knows; these next two are so powerful it may be some time before we get the next gen.)
 
ok... i dunno exactly how this should 'secure' a game anyway. let's look at it clearly.

RSA is an asymmetric encryption system and thus works with a public and private key system. this means you need one key for encryption (this one you keep secret) and one for decrypting it (which is public and not secret).

now let's assume each company uses one RSA key pair for each game. the cartridge is encrypted with their private key. now the DS needs to encrypt the cartridge or the game will not work. thus the public key has to be present in the cartridge or else the DS is unable to do so. this is bad. the key is in the cartridge itself and has to be plain-text. thus a 1:1 copy breaks this system.

let's assume there is one private key for the DS and the devers have the public key to encrypt the cartridge and the DS can decrypt it with the private key. now again either a dever leaks the public key and the story is spoiled or somebody finds the key in the DS. most probably the key will be in hardware as RSA is damn slow, especially in software. and this is not that much of a trouble. just duplicate the hardware in software and again you are at the goal. here too, for playing on the DS itself you only need a 1:1 copy to win the match.

for playing multiplayer games: assuming the legal copy is the host and encrypts the data. let's further assume it generates an RSA key pair for each session. it encrypts the data with the private key and sends it. but for the other side to know how to decrypt it has to send the public key as well. no matter if the other side is legal or pirate, it has the key and can decrypt as well as encrypt again with that key => you win.

now let's assume each game has a fixed RSA key pair for that data transfer. the two keys are stored in the cartridge, for sure in the encrypted part of the cartridge. here again, make a 1:1 copy of the cartridge and you have the key too => you win.

let's assume there is a signature hidden in the cartridge (a serial number) that is duplicated into the cartridge in an encrypted way (with a special private key only known to nintendo) and that the DS reads out and compares with the real cartridge serial to see if it matches. once again a 1:1 copy is enough if you also copy the serial of the cartridge.

conclusion: you do not need to crack the RSA key at all. cracking RSA is definitely very difficult, especially if the key rotates like hell. but you do not need to know the key nor the process of encryption. you just need the 1:1 copy. i am convinced that this entire protection thingy is worth less than everyone thinks. with RSA you can hinder somebody from listening to the DS conversation, but if you have a pirated game you also have the means to listen to this chatter (as you have the key, just most probably not in plain-text). the goal is not to crack RSA but to crack the cartridge, which is easier than going after RSA
 
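To make the point of the post above concrete, here is an added toy example; it is not from the thread and not any real console's scheme, and the tiny key pair, the "chip key" and the sample ROM bytes are constructed assumptions. It shows that a signature the console checks over the ROM bytes accepts a bit-exact copy just as readily as the original, and, going one step beyond the post in the spirit of the "safe area" and serial-check ideas raised earlier, that a per-cartridge secret kept in hardware and challenged by the console is something a copy of the bytes alone cannot reproduce.

```python
import hashlib
import secrets

# Constructed toy RSA key pair: tiny primes, insecure, illustration only.
P, Q, E = 1009, 1013, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (needs Python 3.8+)

def _digest(data: bytes) -> int:
    # hash, then reduce so the value fits the toy modulus
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def sign(data: bytes, priv: int) -> int:
    return pow(_digest(data), priv, N)

def verify(data: bytes, sig: int) -> bool:
    return pow(sig, E, N) == _digest(data)

# Scheme 1 (the post's scenario): the console holds only the public key and
# checks a signature shipped with the ROM image.  The signature binds the
# bytes, so a bit-exact copy of image + signature passes the same check.
def console_accepts_image(rom: bytes, sig: int) -> bool:
    return verify(rom, sig)

# Scheme 2 (assumed hardening, beyond the post): a per-cartridge private key
# kept in unreadable chip storage signs a fresh challenge; a copy of the ROM
# bytes carries no key, so it cannot answer and is rejected.
class Cartridge:
    def __init__(self, rom: bytes, chip_priv=None):
        self.rom = rom
        self._chip_priv = chip_priv      # None models a copy without the chip

    def answer(self, nonce: bytes):
        return None if self._chip_priv is None else sign(nonce, self._chip_priv)

def console_accepts_cart(cart: Cartridge) -> bool:
    nonce = secrets.token_bytes(16)     # fresh per session, so no replay
    ans = cart.answer(nonce)
    return ans is not None and verify(nonce, ans)

def demo() -> dict:
    rom = b"constructed ROM image for the demo"   # constructed sample input
    sig = sign(rom, D)
    return {
        "original_image": console_accepts_image(rom, sig),
        "copied_image": console_accepts_image(bytes(rom), sig),
        "tampered_image": console_accepts_image(rom + b"\x00", sig),
        "genuine_cart": console_accepts_cart(Cartridge(rom, D)),
        "copied_cart": console_accepts_cart(Cartridge(bytes(rom), None)),
    }
```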
That's exactly what I mean... I don't care what's happening inside the game, I don't care if data is encrypted or not... If you're able to make a one-to-one copy of a game anyhow, it will work perfectly... and will even be able to multiplayer with no problems...

As Ixthus said... flash cards!
 
Dragonlord Sez: "just duplicate the hardware in software and again you are at the goal."

That sounds like emulation, which isn't that easy to do with some hardware. I think the only emulated security chip ever (as far as the homebrew scene is concerned) was the Hitachi H8/3002, which was done by the Guru who dumps a lot of Arcade PCBs for MAME. To crack this chip took some time, I believe, i.e. 3 years. Personally I think piracy could become a thing of the past with a lot of the new technologies coming out for nextgen consoles. It's come to a point where DRM and similar technologies are not worth the effort to crack due to the time it would take and the little reward given.
 
I roll my eyes at all the 'it will be cracked' people... as if RSA's BSAFE encryption technology could be broken by a home PC and an enthusiast with too much time on their hands!

Face facts, as technology improves and proprietary formats continue to gain consumer acceptance (say what you will, you're buying the stuff!), piracy will go from being commonplace to being a thing of the past, or a thing of great difficulty. Just buy your DS games for goodness sake, it's not going to kill you.

Plus, when you buy them, you'll actually spend money on the few games you really want, as opposed to pirating a bunch that you never play...

totally disagree. there has been piracy since way before I can remember, since tapes were invented, since VCRs were invented. what makes you think that one day it's just going to poof?

and there are always ways around buying stuff......

as nexDS said. As technology improves, so will piracy.

Piracy has been around since humanity started using rocks as tools. RSA has human nature going against it.
 
It's funny, I thought piracy died back when they introduced CD-roms, no? Everybody said they were "impossible to pirate". Was I lied to?!
 