IBM Patent Answer to PS3 Exploit?
Lots of encryption, keys and binding going on in this one.
A few weeks ago George Hotz had discovered an exploit to 'trick' a PlayStation 3 into doing whatever he wanted, marking something of a breakthrough in console hacking. Today, a patent filed by one Kanna Shimizu of IBM aims to “control unauthorized access to encrypted application program code.”
PS3News reports that the patent is believed to be a response by Sony to counteract Hotz's recent exploit. It involves several authorisation keys that bind with one another in order to test the ownership and legitimacy of programs and applications.
To quote the patent, as we can't really explain it any better;
“A method, system, and computer-usable medium are disclosed for controlling unauthorized access to encrypted application program code. Predetermined program code is encrypted with a first key. The hash value of an application verification certificate associated with a second key is calculated by performing a one-way hash function.
“Binding operations are then performed with the first key and the calculated hash value to generate a third key, which is a binding key. The binding key is encrypted with a fourth key to generate an encrypted binding key, which is then embedded in the application.
“The application is digitally signed with a fifth key to generate an encrypted and signed program code image. To decrypt the encrypted program code, the application verification key certificate is verified and in turn is used to verify the authenticity of the encrypted and signed program code image. The encrypted binding key is then decrypted with a sixth key to extract the binding key.
“The hash value of the application verification certificate associated with the second key is then calculated and used with the extracted binding key to extract the first key. The extracted first key is then used to decrypt the encrypted application code.”
Quite. Time will tell how this patent will be implemented, or if it will even work. We wonder if it's enough to deter Hotz. What do you think, readers?
PS3News reports that the patent is believed to be a response by Sony to counteract Hotz's recent exploit. It involves several authorisation keys that bind with one another in order to test the ownership and legitimacy of programs and applications.
To quote the patent, as we can't really explain it any better;
“A method, system, and computer-usable medium are disclosed for controlling unauthorized access to encrypted application program code. Predetermined program code is encrypted with a first key. The hash value of an application verification certificate associated with a second key is calculated by performing a one-way hash function.
“Binding operations are then performed with the first key and the calculated hash value to generate a third key, which is a binding key. The binding key is encrypted with a fourth key to generate an encrypted binding key, which is then embedded in the application.
“The application is digitally signed with a fifth key to generate an encrypted and signed program code image. To decrypt the encrypted program code, the application verification key certificate is verified and in turn is used to verify the authenticity of the encrypted and signed program code image. The encrypted binding key is then decrypted with a sixth key to extract the binding key.
“The hash value of the application verification certificate associated with the second key is then calculated and used with the extracted binding key to extract the first key. The extracted first key is then used to decrypt the encrypted application code.”
Quite. Time will tell how this patent will be implemented, or if it will even work. We wonder if it's enough to deter Hotz. What do you think, readers?
Read More Like This
Comments
Daz 16 Feb 2010 14:38
1/1
whatever can be done, can be undone, they'll find away might take them a while (if they even understood that which they probably do), while for the average joy even the simplest of protection is enough, but for people with the know how they'll just keep trying until they succeed, make any protection just a time buyer.