What are the OTP's ? (used for ?)

Discussion in '3DS - Flashcards & Custom Firmwares' started by Gnarmagon, Feb 1, 2017.

  1. Gnarmagon
    OP

    Gnarmagon Noob <3

    Member
    554
    95
    Dec 12, 2016
    Germany
    Hello,

    I know that you need the OTP's to install A9LH but what does A9LH with these OTP's ?
    How is A9LH installed ? (just a new Line in a Script / .txt ?)
    The Wii and WiiU have these OTP's too ?
     
  2. Lilith Valentine

    Lilith Valentine Suspended

    Suspended
    20,201
    21,602
    Sep 13, 2009
    United States
    The OTP is used to get the keys needed to install A9LH.
    How is it installed? You follow the guide
    3ds.guide
    Both the Wii and Wii U have an OTP
     
    Last edited by Lilith Valentine, Feb 1, 2017
    proflayton123 likes this.
  3. proflayton123

    proflayton123 Sakura思い

    Member
    5,987
    2,282
    Jan 11, 2016
    Japan
    日本
    Last edited by proflayton123, Feb 1, 2017
    Gnarmagon likes this.
  4. Searinox

    Searinox <3

    Member
    1,780
    182
    Dec 16, 2007
    Romania
    OTP stands for One-Time Pad, which is actually a bit of an odd thing since the definition rather closer fits XOR pads than what the OTP actually is. The OTP is a 256-byte unique value from which several important keys are derived. Admittingly, it's too big to be outright considered a "key" in its own right since most keys are 16-byte(128bit) or 32-byte(256bit) long and the OTP is much larger. I believe -how- the keys are derived is yet unknown but then the OTP can still be used to encrypt or decrypt stuff in a valid fashion.
     
  5. adrifcastr

    adrifcastr GBAtemp Advanced Maniac

    Member
    1,819
    852
    Sep 12, 2016
    Germany
    no clue what you mean by Line in a script, but the a9lh payloads are written to the FIRM partition of the nand. the arm9loader then executes the arm9 payload on the root of the sd card which should be called "arm9loaderhax.bin" and has to be a valid arm9 payload.
     
  6. Goombi

    Goombi Meme crypto = my crypto

    Member
    144
    53
    Jun 1, 2014
    France
    RnVja1lvdU15RHVkZQ
    One Time Programmable*. It's a unique-per-console read-only randomly-generated-at-factory piece of data used by the Kernel9Loader on New 3DS to decrypt the secret sector (on N3DS NAND). The decrypted secret sector contains keys used by the K9L to decrypt the NATIVE_FIRM.

    About A9LH, providing a carefully chosen key to K9L will allow to gain code exec, not going for the full explanation here. That key is known but in order to provide it to K9L, we need to encrypt it with the OTP and write it in the secret sector.

    There's much more to it, you should check 32c3 presentation on 3DS hacking
     
    RosaliinaDaHacker64 and XRaTiX like this.
  7. Searinox

    Searinox <3

    Member
    1,780
    182
    Dec 16, 2007
    Romania
    Thanks for clearing that up. You mentioned what it does on the N3DS, so what does it do on the O3DS?
     
  8. smileyhead

    smileyhead owo TempStyle 2 Dark

    Member
    3,120
    8,444
    Aug 31, 2015
    Hungary
    Hungary
    [​IMG]