3dbrew

3DS System Flaws: Difference between revisions

← Older editNewer edit →
Guiand (talk | contribs)
165 edits
m Only on N3DS
Guiand (talk | contribs)
165 edits
mNo edit summary
Line 127: Line 127:
|-
|-
| Leak of normal-key matching a key-scrambler key
| Leak of normal-key matching a key-scrambler key
| New 3DS firmware versions [[8.1.0-0|8.1.0]] through [[9.2.0-20|9.2.0]] set the encryption key for [[Amiibo]] data using a hardcoded normal-key in Process9.  In firmware [[9.3.0-21|9.3.0]], Nintendo "fixed" this by using the key scrambler instead, by calculating the keyY value for keyslot 0x39 that results in the same normal-key, then hardcoding that keyY into Process9.
| New 3DS firmware versions [[8.1.0-0 New3DS|8.1.0]] through [[9.2.0-20|9.2.0]] set the encryption key for [[Amiibo]] data using a hardcoded normal-key in Process9.  In firmware [[9.3.0-21|9.3.0]], Nintendo "fixed" this by using the key scrambler instead, by calculating the keyY value for keyslot 0x39 that results in the same normal-key, then hardcoding that keyY into Process9.


Nintendo's fix is actually the problem: Nintendo revealed the normal-key matching an unknown keyX and a known keyY.  Combined with the key scrambler using an insecure scrambling algorithm (see "Hardware" above), the key scrambler function could be deduced.
Nintendo's fix is actually the problem: Nintendo revealed the normal-key matching an unknown keyX and a known keyY.  Combined with the key scrambler using an insecure scrambling algorithm (see "Hardware" above), the key scrambler function could be deduced.
Retrieved from "https://www.3dbrew.org/wiki/3DS_System_Flaws"