Difference between revisions of "IQue Player Security"
(Create security/encryption page) |
Jhynjhiruu (talk | contribs) m (→RSA) |
||
| Line 122: | Line 122: | ||
The public key is located in [[SKSA|SK]]. | The public key is located in [[SKSA|SK]]. | ||
| − | Every CMD and ticket is covered by an RSA-2048 signature to prevent alterations, such as granting more hardware and secure kernel call access or changing what console the ticket is for. Unlike the Wii, the iQue Player does not suffer from the [http://wiibrew.org/wiki/Signing_bug Trucha bug], so currently there is no way to use unsigned tickets other than patching | + | Every CMD and ticket is covered by an RSA-2048 signature to prevent alterations, such as granting more hardware and secure kernel call access or changing what console the ticket is for. Unlike the Wii, the iQue Player does not suffer from the [http://wiibrew.org/wiki/Signing_bug Trucha bug], so currently there is no way to use unsigned tickets other than patching SKSA in memory (e.g. with Jbop's [https://github.com/jbop1626/hackit_patcher HackIt Patcher]), or possibly taking advantage of the [[IQue Player System Flaws|"psychic paper" bug]] |
Latest revision as of 12:39, 10 June 2019
Unlike its predecessor the Nintendo 64, the iQue Player makes extensive use of encryption for security. This is probably due to the console's USB connectivity, as well as its ability to download games from the iQue server over the internet -- which would make pirating games extremely easy if they were transmitted and stored unencrypted. The security scheme is similar to that of the Wii, though more rudimentary.
General
The iQue makes use of several encryption algorithms:
All symmetric encryption is done using AES-128-CBC
ECC (using the curve NIST B-233 / sect233r1) is used to cryptographically sign certain files, and also to generate AES keys through ECDH.
RSA-2048 is used to sign files.
Usage
AES
Secure Kernel
| Key / IV | Location |
|---|---|
| SK key | Offset 0x1460 in the bootrom |
| SK IV | Offset 0x1470 in the bootrom |
Title Keys
Encrypted once with the common key, and then again if the app is a game.
(The title keys for SA's are only encrypted once).
| Key / IV #1 | Location |
|---|---|
| iQue Player common key | Offset 0xB8 in Virage2 |
| Title key IV | Offset 0x2814 in CMD |
| Key / IV #2 | Location |
|---|---|
| Derived using ECDH with console's private key and a public key in the game's ticket |
See ECC section for more info |
| Title key IV 2 | Offset 0x29BC in ticket |
.apps
An application/game downloaded from the iQue server, or on the console before first launch, will have the .app extension.
| Key / IV | Location |
|---|---|
| Title key | Offset 0x289C in CMD This is encrypted once or twice; see above for details. |
| Content IV | Offset 0x2838 in CMD |
.recs
If the recrypt flag is set in its CMD, a .app file will be re-encrypted and made into a .rec file on first launch.
| Key / IV | Location |
|---|---|
| Recrypt key (unique to both game and console) |
Encrypted 32-byte entry in recrypt.sys. Starts at offset 0x04 in decrypted entry. |
| Content IV | Offset 0x2838 in CMD |
recrypt.sys
Each individual 32-byte entry in the recrypt list is encrypted.
| Key / IV | Location |
|---|---|
| Recrypt list key | Offset 0xC8 in Virage2 |
| Derived from BBID | - |
ECC
Each console contains a unique key pair located in Virage2. The private key is located at offset 0x98, and the public key is located at offset 0x54.
This key pair is used to sign recrypt.sys with ECDSA to prevent tampering. Game saves are also signed when being copied to NAND, and their signatures are stored in (the aptly-named) sig.db.
Each game's ticket includes an ECC public key. This is used with the console's private key to create a unique AES key with which to re-encrypt the title key in the CMD. This derived key is created by taking the 16 bytes starting at offset 0x04 in the x-coordinate of the ECDH result.
RSA
The public key is located in SK.
Every CMD and ticket is covered by an RSA-2048 signature to prevent alterations, such as granting more hardware and secure kernel call access or changing what console the ticket is for. Unlike the Wii, the iQue Player does not suffer from the Trucha bug, so currently there is no way to use unsigned tickets other than patching SKSA in memory (e.g. with Jbop's HackIt Patcher), or possibly taking advantage of the "psychic paper" bug