PSP Decryption

coolkehon
Posts: 355
Joined: Mon Oct 20, 2008 5:44 am

Post by coolkehon »

I heard that the main boot IPL (I have no idea what I'm talking about) modules use encryption during the booting of the PSP. I'd like to try to break that encryption. Any ideas where I should start? I know it uses AES, but I'd like to run a brute-force attack on it. And maybe I'll get lucky :P. Help please.
SilverSpring
Posts: 110
Joined: Tue Feb 27, 2007 9:43 pm

Post by SilverSpring »

What do you want to do exactly?

The IPL can already be decrypted, unless you are talking about IPLs for PSP 3Ks and PSP Gos, which we cannot decrypt because we are unable to dump the pre-IPL for those models (which the IPL encryption uses as a seed).
coolkehon
Posts: 355
Joined: Mon Oct 20, 2008 5:44 am

Post by coolkehon »

There was something that we could not do because of AES encryption during boot of the PSP, so instead we had to hook it. I haven't checked on it in quite some time, so I don't even remember what it was. You guys may even have fixed it by now.
SilverSpring
Posts: 110
Joined: Tue Feb 27, 2007 9:43 pm

Post by SilverSpring »

You are going to have to be more specific; I still don't know what you are talking about. Do you have any more information than just a vague "something we could not do"?
coyotebean
Posts: 18
Joined: Sat Dec 05, 2009 1:02 am

Post by coyotebean »

The main security of the PSP is in the "Kirk chip". Currently there is no public knowledge of the exact algorithm and keys used. The "main" and "payload" parts of the IPL are not directly protected by AES. Your question seems to suggest you are asking about the protection of the kernel keys?
coolkehon
Posts: 355
Joined: Mon Oct 20, 2008 5:44 am

Post by coolkehon »

Yes, that would be correct. I guess you guys have it figured out when it comes to booting the PSP.

But why is the 3000 not cracked?
Torch
Posts: 825
Joined: Wed May 28, 2008 2:50 am

Post by Torch »

Because prior to Pandora we relied on the weak security of 1.50 OFW to boot CFW, which doesn't work on the Slim onwards. The Pandora IPL block was used only in 3.52M33-something onwards.
coolkehon
Posts: 355
Joined: Mon Oct 20, 2008 5:44 am

Post by coolkehon »

Then what steps would be needed to crack the PSP 3000?
SilverSpring
Posts: 110
Joined: Tue Feb 27, 2007 9:43 pm

Post by SilverSpring »

So basically your question is how to get the kernel keys from the IPL? The IPL (on 1K and 2K) can already be decrypted, no problem (which ends up exposing the keys in the plain).

Regarding cracking the 3K, it depends what you mean by "cracking" it. The 3K can already run unsigned code via exploits. If you are asking what it takes to get Pandora to work on it:

Firstly, the service mode trigger via the battery is now encrypted, so that has to be figured out. That will enable the 3K to boot into service mode. The next step would be to figure out how to run unsigned code from the MS IPL. The exploit that Pandora relied on in the pre-IPL has now been patched on the 3K (and later model 2Ks), so we cannot run custom IPLs.

It's unlikely there would exist another exploit in the pre-IPL that'll allow unsigned code to run; however, we are unable to dump the 3K pre-IPL to even search for one. That is also why the 3K IPL cannot be fully decrypted, since it uses the contents of the pre-IPL as a seed to decrypt it.

So basically, to 'crack' the 3K we need exploits, or to figure out how to sign code like Datel figured out.

EDIT: also, could you be a little more specific when asking questions? Your comments are a bit too vague to understand what exactly you are asking about.
Torch
Posts: 825
Joined: Wed May 28, 2008 2:50 am

Post by Torch »

Do you think they simply added the IPL block hash as an easy fix for the exploit or that they have fixed the exploit and added the hash as an extra security measure?
jimparis
Posts: 1145
Joined: Fri Jun 10, 2005 4:21 am
Location: Boston

Post by jimparis »

An easy fix is still a fix
Torch
Posts: 825
Joined: Wed May 28, 2008 2:50 am

Post by Torch »

jimparis wrote: An easy fix is still a fix
That means it can be cracked if it's dumped.
Davee
Posts: 43
Joined: Mon Jun 22, 2009 3:58 am

Post by Davee »

Torch wrote:
jimparis wrote: An easy fix is still a fix
That means it can be cracked if it's dumped.
No, it's still a fix.
Torch
Posts: 825
Joined: Wed May 28, 2008 2:50 am

Post by Torch »

Davee wrote: No, it's still a fix.
If it's only the hash, then it's probably software-calculated in the pre-IPL like DAX said before, meaning the exploit, if unpatched, would still work if the hash is correct.