Tuesday, October 06, 2015
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Twitter 'Moments'To Highlight Best Tweets
Hololens, New Lumia Smartphones, Band, Surface Pro 4 and Surface Book Shined At Microsoft's Windows 10 Devices Event
Sharp Showcases Ultra HD Blu-ray Recorder, 8K TV at CEATEC 2015
EU Court Says EU-US Data Transfer Pact Is Invalid
New Roku 4 Streaming Player Supports 4K Resolution
Sharp Showcases RoboHon Mobile Robot At Ceatec
Skyworks to Buy PMC-Sierra for $2 Billion in Cash
Sony Semiconductor Solutions Corporation Established
Active Discussions
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
How to burn a backup copy of The Frozen Throne
Help make DVDInfoPro better with dvdinfomantis!!!
Copied dvd's say blank in computer only
menu making
Optiarc AD-7260S review
 Home > News > Games > Weak Cr...
Last 7 Days News : SU MO TU WE TH FR SA All News

Friday, December 31, 2010
Weak Cryptography Keys Exploit PS3's Security Measures Against Running Linux

Despite Sony's "efforts" to patch the security holes of the PS3 game console and lock out Linux sofware apps, hackers are now claiming that they have managed to gain access to the system's innards by taking advantage PS3's poor use of public key cryptography.

According to a team of hackers called "fail0verflow," the PS3 private signing key or ECDSA signature was exposed (Digital Signature Algorithm). The group located this private cryptographic key needed to sign off on high-level operations. Such keays are generally hard to be exposed and according to their complexity, they require running many generations of keys to crack.

The hackers worked backawrds: They used the generated keys and soon they discovered that a parameter (k) that should have been randomized for each key generation wasn't being randomized at all. And since the PS3 was using the same number for that variable, it was easy to work out acceptable keys using simle algebra. If you are interested in cryptogry, you may read this blog post describing how essential the use of a random parameter (k) in the DSA is in order a system to be safe against hacks.

"It is extremely important that all bits of parameter k be unique, unpredictable, and secret. With two DSA signatures on separate messages with the same k, you can recover the signer?s private key," the team says.

At the 27th Chaos Communication Congress, the team talked about various hacks that users can use to gain control of their PS3 and make it run their own code.

2010 saw the first hacks for the Playstation 3, soon after Sony removed Other OS functionality. The team described how Sony went wrong when designing its security system, and show how these holes can be used to gain control over the system and bring Linux back to the PS3.

Mozilla And Tsinghua University Develop IPv6 Browser        All News        Facebook Tops Google As Most Visited Site in U.S.
Sony Files Complaint Against fail0verflow Group Over Latest PS3 Hacks     Games News      Nintendo Bars Children Under 6 From Viewing 3D Content On New Nintendo 3DS Game Player

Get RSS feed Easy Print E-Mail this Message

Related News
PlayStation Now Subscriptions Come to PS3
Sony To Launch Video-streaming Service In The U.S.
PS3 Update v.4.50 Launches Today
Sony Says 'Last Of Us Sales' Is The Fastest Selling PS3 Title of 2013
New Firmware For Sony PS3 Fixes Last week's Issues
Sony Pulls Faulty Firmware For PlayStation 3
Sony PS3 To be manufactured in Brazil
Sony Partners With More Game Developers to Expand Independent Game Portfolio for All PlayStation Platforms
Sony To Provide Unity Development Environment For PS4, PS3, PS Vita And PS Mobile
Sony PlayStation Event Set For February
Game Console Ban in China May Be Lifted: Report
Sony's PS4 Is Said To Integrating Biometrics, Touchscreen Controller

Most Popular News
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2015 - All rights reserved -
Privacy policy - Contact Us .