Welcome to Doom9's Forum, THE in-place to be for everyone interested in DVD conversion.

Before you start posting please read the forum rules. By posting to this forum you agree to abide by the rules.

 

Go Back   Doom9's Forum > General > Decrypting

 
 
Thread Tools Search this Thread Display Modes
Prev Previous Post   Next Post Next
Old 30th March 2018, 11:28   #11  |  Link
candela
Registered User
 
Join Date: Jun 2005
Posts: 259
But isn't it likely that the bd+ module just asks the aacsmodule to perform some AES calculation with bd+ keys just like the bdplayer does for the regular aacs? Then it would make sense to store bd+ keys also in the aacs module. There's a list of commands on ps3devwiki. Although it does say it's not a complete list I'm wondering why there are no commands like "get volume unique/unit key" or would the aacsmodule decrypt the video streams internally? Anyway, array1 is present since FW4.00 and is still the same in FW4.82. If we assume it's in the same relative location to the host certificate in FW3.50, we can find a different array1 in FW1.02-3.76. So I don't think it's going to help getting device keys from FW4.50.

My AES knowledge is extremely limited but I keep reading that for AES-CTR using the same IV multiple times is unsafe. Can we exploit this somehow if we assume:
- FW4.50 still uses aes-ctr to encrypt the device keys (but with unknown aes-ctr-key/iv)
- FW4.50 has the same device keys as FW4.46 (because the device key masks are the same)
- FW4.50, FW4.53, FW4.70 use the same aes-ctr-key/iv to encrypt the device keys (because we can see some identical encrypted device keys if we compare the 4048 byte block)

The main hint on ps3dewiki is still the "private key enc/dec" which only appears since FW4.50.

Last edited by candela; 30th March 2018 at 11:37.
candela is offline   Reply With Quote
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 20:30.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.