What are the OTP's ? (used for ?)

Discussion in '3DS - Flashcards & Custom Firmwares' started by Gnarmagon, Feb 1, 2017.

  1. Gnarmagon
    OP

    Gnarmagon Noob <3

    Member
    3
    Dec 12, 2016
    Germany
    Hello,

    I know that you need the OTP's to install A9LH but what does A9LH with these OTP's ?
    How is A9LH installed ? (just a new Line in a Script / .txt ?)
    The Wii and WiiU have these OTP's too ?
     
  2. Lilith Valentine

    Lilith Valentine GBATemp's Wolf-husky™ Melodramatic fool

    Member
    23
    Sep 13, 2009
    Antarctica
    ¯\_(ツ)_/¯
    The OTP is used to get the keys needed to install A9LH.
    How is it installed? You follow the guide
    3ds.guide
    Both the Wii and Wii U have an OTP
     
    Last edited by Lilith Valentine, Feb 1, 2017
    proflayton123 likes this.
  3. proflayton123

    proflayton123 Sakura思い

    Member
    10
    Jan 11, 2016
    Japan
    日本
    Last edited by proflayton123, Feb 1, 2017
    Gnarmagon likes this.
  4. Searinox

    Searinox <3

    Member
    5
    Dec 16, 2007
    Romania
    OTP stands for One-Time Pad, which is actually a bit of an odd thing since the definition rather closer fits XOR pads than what the OTP actually is. The OTP is a 256-byte unique value from which several important keys are derived. Admittingly, it's too big to be outright considered a "key" in its own right since most keys are 16-byte(128bit) or 32-byte(256bit) long and the OTP is much larger. I believe -how- the keys are derived is yet unknown but then the OTP can still be used to encrypt or decrypt stuff in a valid fashion.
     
  5. adrifcastr

    adrifcastr GBAtemp Advanced Maniac

    Member
    7
    Sep 12, 2016
    Germany
    no clue what you mean by Line in a script, but the a9lh payloads are written to the FIRM partition of the nand. the arm9loader then executes the arm9 payload on the root of the sd card which should be called "arm9loaderhax.bin" and has to be a valid arm9 payload.
     
  6. Goombi

    Goombi my_crypto = meme_crypto

    Member
    2
    Jun 1, 2014
    France
    RnVja1lvdU15RHVkZQ
    One Time Programmable*. It's a unique-per-console read-only randomly-generated-at-factory piece of data used by the Kernel9Loader on New 3DS to decrypt the secret sector (on N3DS NAND). The decrypted secret sector contains keys used by the K9L to decrypt the NATIVE_FIRM.

    About A9LH, providing a carefully chosen key to K9L will allow to gain code exec, not going for the full explanation here. That key is known but in order to provide it to K9L, we need to encrypt it with the OTP and write it in the secret sector.

    There's much more to it, you should check 32c3 presentation on 3DS hacking
     
    RosaliinaDaHacker64 and XRaTiX like this.
  7. Searinox

    Searinox <3

    Member
    5
    Dec 16, 2007
    Romania
    Thanks for clearing that up. You mentioned what it does on the N3DS, so what does it do on the O3DS?
     
  8. smileyhead

    smileyhead Press Start whenever!

    Member
    13
    Aug 31, 2015
    Hungary
    Hungary
    [​IMG]
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice