PlayStation 3 code signing cracked (The Register)
PlayStation 3 code signing cracked (The Register)
Posted Dec 30, 2010 20:45 UTC (Thu) by jengelh (guest, #33263)Parent article: PlayStation 3 code signing cracked (The Register)
Conspiracy time: I wonder if some clever worker put in a static 'm' on purpose ahead of time, under the suspicion that it would only be a matter of time until management decided to throw out OtherOS.
Posted Dec 30, 2010 23:55 UTC (Thu)
by mgedmin (subscriber, #34497)
[Link]
The elliptic curve crypto used for digital signatures on the PS3 has two secret values: k - the private key, and m - a random number used once. If you have two signatures that were computed using the same m value, you can trivially recover the secret key k. Which is exactly what happened here.
PlayStation 3 code signing cracked (The Register)
For those who haven't watched the whole 45-minute presentation: