Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Encryption PlayStation (Games) Sony Games

PS3 Root Key Found 380

An anonymous reader writes "The PlayStation 3 'root key' used for code signing has been found by GeoHot. This enables running homebrew without the need for psjailbreak-style USB-devices, and also provides hope for those at firmware version 3.55 that currently cannot be downgraded. The key also cannot be changed without hardware modifications. Oops."
This discussion has been archived. No new comments can be posted.

PS3 Root Key Found

Comments Filter:
  • Same private key? (Score:5, Informative)

    by VGPowerlord ( 621254 ) on Monday January 03, 2011 @03:43PM (#34746540)

    Is this the same private key that was discovered last week []?

  • Re:Same private key? (Score:5, Informative)

    by Anonymous Coward on Monday January 03, 2011 @03:46PM (#34746598)

    No, this is the metldr private key. fail0verflow wasn't able to find that one as it required a metldr exploit

  • by Anonymous Coward on Monday January 03, 2011 @03:49PM (#34746628)
    Mathieulh Has Found The PSP Master Keys [], and now says

    I can encrypt/sign anything on psp now.

  • No sympathy for Sony (Score:5, Informative)

    by Ben4jammin ( 1233084 ) on Monday January 03, 2011 @03:59PM (#34746746)
    Since they basically did a "bait and switch" with the PS3.

    When I bought it, it had the OtherOS feather AND I could do all the online stuff...not now
    When I bought it, it had backwards comparability for almost all PS2 games...not now

    So it appears to me that in a sense the "hackers" have returned my property that was stolen from me by the "legitimate corporation"
    I doubt that Sony will learn anything from this, and after our family owning a PS2 and 3, the next console I buy will be Xbox...I had no idea a company could be dysfunctional enough to make me regret not buying a MS product.
  • by Zerth ( 26112 ) on Monday January 03, 2011 @04:04PM (#34746798)

    Despite all the people claiming this is a dupe, it isn't. This is getting the PSP private key from inside the PS3.

    They put the PSP private key on the PS3, presumably so you could buy games for your PSP through the PS3 and have the PS3 do all the heavy crypto work instead of encrypting it on the store end.

    Presumably, they figured "hey, the PS3 is unhackable, it is OK to embed the super secret key to PSP software in it". But then the PS3 got hacked.

  • Re:PS2? (Score:4, Informative)

    by tuffy ( 10202 ) on Monday January 03, 2011 @04:06PM (#34746818) Homepage Journal

    No. PS2 backwards compatibility required additional chips that aren't in the newer PS3s.

  • Re:PS2? (Score:5, Informative)

    by jonabbey ( 2498 ) * <> on Monday January 03, 2011 @04:18PM (#34746956) Homepage

    The second generation PS3s had the PS2 graphics chip in them, but took out the Emotion Engine CPU which was run in emulation.

    Later PS3s have neither the PS2 graphics chip nor the Emotion Engine CPU, and are not able to run PS2 games in emulation at all, regardless of what the firmware says.

  • by Lifyre ( 960576 ) on Monday January 03, 2011 @04:21PM (#34746996)

    Design change, the first gen ones still have it. The ones after had to emulate the PS2 and even that ability has been removed.

  • by bucky0 ( 229117 ) on Monday January 03, 2011 @04:46PM (#34747254)

    That's a good explanation except for the fact that there's a minimum OS version required to play online. One USED to be able to run otherOS and play online, and after a certain cutoff date, you had to choose to lose one or the other. That's where (some of) the contention comes from.

  • Re:Same private key? (Score:5, Informative)

    by sexconker ( 1179573 ) on Monday January 03, 2011 @04:52PM (#34747306)

    No, this is the metldr private key. fail0verflow wasn't able to find that one as it required a metldr exploit

    No. fail0verflow had no interest in getting that key. Why? Because they're about homebrew, which they can already do, and they're (officially, at least) against piracy, which the metldr key would simplify.

    There was a question asked about this at the end of their presentation. They basically said "Yeah, we don't have that key - we don't give a shit about it. Of course you can get it using the same method we just told you about.".

  • by Anonymous Coward on Monday January 03, 2011 @04:52PM (#34747318)
    On his website he credits those respontible. [] Don't blame the other middle men. Geohot gives credit where credit is due.
  • Missing key (Score:5, Informative)

    by Anonymous Coward on Monday January 03, 2011 @05:04PM (#34747438)

    Since the lame submission doesn't bother to link to the /very/ source that the article is about, I'll paste it here.

    erk: C0 CE FE 84 C2 27 F7 5B D0 7A 7E B8 46 50 9F 93 B2 38 E7 70 DA CB 9F F4 A3 88 F8 12 48 2B E2 1B
    riv: 47 EE 74 54 E4 77 4C C9 B8 96 0C 7B 59 F4 C1 4D
    pub: C2 D4 AA F3 19 35 50 19 AF 99 D4 4E 2B 58 CA 29 25 2C 89 12 3D 11 D6 21 8F 40 B1 38 CA B2 9B 71 01 F3 AE B7 2A 97 50 19
        R: 80 6E 07 8F A1 52 97 90 CE 1A AE 02 BA DD 6F AA A6 AF 74 17
        n: E1 3A 7E BC 3A CC EB 1C B5 6C C8 60 FC AB DB 6A 04 8C 55 E1
        K: BA 90 55 91 68 61 B9 77 ED CB ED 92 00 50 92 F6 6C 7A 3D 8D
      Da: C5 B2 BF A1 A4 13 DD 16 F2 6D 31 C0 F2 ED 47 20 DC FB 06 70


    props to fail0verflow for the asymmetric half
    no donate link, just use this info wisely
    i do not condone piracy

    if you want your next console to be secure, get in touch with me. any of you 3.
    it'd be fun to be on the other side. ...and this is a real self, hello world
    although it's not NPDRM, so it won't run off the hard drive
    shouts to the guys who did PSL1GHT
    without you, I couldn't release this

  • Exactly (Score:5, Informative)

    by Weaselmancer ( 533834 ) on Monday January 03, 2011 @05:33PM (#34747762)

    From the geohot site:

    props to fail0verflow for the asymmetric half

    Geohot isn't taking credit for anyone's work here.

  • by greg1104 ( 461138 ) <> on Monday January 03, 2011 @07:16PM (#34748850) Homepage

    To quote someone who said one correct thing today, "you really should consider making posts based upon facts". Read What difference does the firmware version make for CD and SA-CD? [] for an intro to the firmware issues I was speaking of. I know people who purchased the PS3 when firmware V2.00 added optical output for the format, only to find that capability taken away in the next revision. Since firmware upgrades are not optional if you want to stay on PSN, that's a clear bait and switch move. And if you read through the whole FAQ you can see some of the other limitations that come from Sony giving up on development here before the feature ever really worked perfectly.

    I purchased about 20 new SACDs in 2010, from companies like Mobile Fidelity and via the SHM-SACD [] remasters. That gives me about 80 of them total. Since some of these are the highest quality recordings available, they get an inordinate amount of playtime here relative to the rest of my music collection.

    See activity on [] to see that many people are still actively using the format, and how many titles are available. Yes, there are probably only a few hundred people in the world impacted by Sony's SACD on PS3 decisions. That doesn't mean those people were not misled about Sony's commitment to supporting the format well in the PS3. I never claimed there were a "mountain" of such people, merely that the mechanics of how they were treated is similar to the situation with both backward compatibility and the Other OS features. This is a regularly recurring behavior from Sony.

  • by Cornelius the Great ( 555189 ) on Monday January 03, 2011 @07:27PM (#34748930)

    In a utopian future, people would pay the actual cost of manufacturing the console - plus a reasonable profit margin. Anyone could write games - and the cost of them would be reduced because they wouldn't have to pay the "Sony Tax" on each one. For people who'll own very few games over the life of the console, this is not so attractive - but for people who buy more than the average number of games, it's a huge win. But at least we're honest about it.

    I already live in that future. I have a console hooked to my TV that runs code that doesn't have to be signed by Sony, Microsoft, Nintendo, et al. I can also run multiple OSes on it without having to jailbreak it. And I have hundreds* of legally-purchased games to play on it that probably cost me less than what 20 new PS3/360 games would (at $60).

    It's called an HTPC. It pretty much does everything a PS3/360 does better (including blu-ray playback). Not to mention backwards-compatibility with at least a dozen of older consoles via emulators. I still have my PS3, but primarily for GT5 and not much else.

    *My Steam account alone has 300+ titles. Mostly bought through holiday sale packs at a huge discount. I've probably played less than half so far, but I'm still discovering games that I bought more than a year ago.

  • Re:I wonder... (Score:5, Informative)

    by Lumpy ( 12016 ) on Monday January 03, 2011 @07:38PM (#34749044) Homepage

    News flash: clicking AGREE on a EULA does not make it enforceable. I dont care what any weazel lawyer tells you.
    until the government falls, and Megacorperations rise and start hiring shadow runners to enforce their EULAS, you need to not treat them as if they are anything but a bunch of bullshit that has no more value than the insane guy on the corner screaming that the end is near.

  • Re:Exactly (Score:5, Informative)

    by marcansoft ( 727665 ) <(hector) (at) (> on Monday January 03, 2011 @07:56PM (#34749184) Homepage

    For the record, that wasn't there initially. We had to complain to him to get him to add that.

  • Re:Same private key? (Score:5, Informative)

    by marcansoft ( 727665 ) <(hector) (at) (> on Monday January 03, 2011 @08:00PM (#34749208) Homepage

    We (fail0verflow) discovered and released two things:

    • An exploit in the revocation list parsing, enabling us to dump a bunch of loaders, and thus their decryption keys
    • A humongous screwup by Sony, enabling us to calculate their private signing keys for all of those loaders, and thus sign anything to be loaded by those loaders

    We used these techniques to obtain encryption, public, and private keys for lv2ldr, isoldr, the spp verifier, the pkg verifier, and the revocation lists themselves. We could've obtained appldr, (the loader used to load games and apps), but chose not to, since we are not interested in app-level stuff and that just helps piracy. We didn't have lv1ldr, but due to the way lv1 works, we could gain control of it early in the boot process through isoldr, so effectively we also had lv1 control.

    With these keys we could decrypt firmware and sign our own firmware. And since the revocation is useless and the lame "anti-downgrade" protection is also easily bypassed, this already enables hardware-based hacks and downgrades forever. Basically, homebrew/Linux on every currently manufactured PS3, through software means now, and through hardware means (flasher/modchip) forever, regardless of what Sony tries to do with future firmwares.

    The root of all of the aforementioned loaders is metldr, which remained elusive. Then Geohot announced that he had broken into metldr (with an exploit, analogous to the way we exploited lv2ldr to get its keys) and was thus able to apply our techniques one level higher in the loader chain. He has released the metldr keyset (with the private key calculated using our attack), but not the exploit method that he used.

    The metldr key does break the console's security even more (especially with respect to newer, future firmwares - and thus also piracy of newer games), and also makes some things require less workarounds. Geohot clearly did a good job finding an exploit in it, but considering a) he used our key recovery attack verbatim, and b) he found his exploit right after our talk, so he was clearly inspired by something we said when we explained ours, I think we deserve a little more credit than we're getting for this latest bit of news.

    There's still bootldr and lv0, which are used at the earliest point during the PS3 boot process. These remain secure, but likely mean little for the PS3 security at this stage.

  • Re:Same private key? (Score:3, Informative)

    by fail0verflow ( 1967628 ) on Monday January 03, 2011 @11:23PM (#34750482) Homepage
    > How does someone "find" a PS3 root key?

    First things first: it's not a "root" key.

    How you get it: you do some boring buffer overflow or integer overflow exploit (which you do have to find first of course), and then you do the computations we detailed at the 27c3 talk.

    Hardly rocket science. But it was indeed a (non-essential) missing piece.

Never buy from a rich salesman. -- Goldenstern