When [[NCSD]] partition flag[3] or flag[7] are set, a SHA-256 hash is calculated over the data from the CXI(same data used with the original plain keyY), and an ID read from a gamecard command. The first 0x10-bytes from this hash is used for the keyY. When flag[7] is set(normally this is the only save flag set for [[2.2.0-4]] save encryption), the CTR will never repeat within the save image, unlike the original CTR-method. All games which had the retail NCSD image finalized after the [[2.2.0-4]] update(and contain [[2.2.0-4]]+ in the [[System Update CFA|System update partition]]), use this encryption method.
+
When [[NCSD]] partition flag[3] or flag[7] are set, a SHA-256 hash is calculated over the data from the CXI(same data used with the original plain keyY), and the 0x40-bytes from a gamecard command(this 0x40-byte data is also read by [[Process_Services_PXI|GetRomId]]). The first 0x10-bytes from this hash is used for the keyY. When flag[7] is set(normally this is the only save flag set for [[2.2.0-4]] save encryption), the CTR will never repeat within the save image, unlike the original CTR-method. All games which had the retail NCSD image finalized after the [[2.2.0-4]] update(and contain [[2.2.0-4]]+ in the [[System Update CFA|System update partition]]), use this encryption method.
This keyY generation method was supported before [[2.2.0-4]], however the proper CTR wasn't implemented until [[2.2.0-4]].
This keyY generation method was supported before [[2.2.0-4]], however the proper CTR wasn't implemented until [[2.2.0-4]].