Understanding why we can't bruteforce Sony's encryption

[Organized_Chaos]

I've seen several people ask why we can't just bruteforce the encryption Sony uses to sign their eboots. After all, if we could sign our homebrew eboots we would be able to hack any PSP regardless of firmware. The truth is... it's not feasible to brute force the encryption. Here's how SilverSpring explained it:

Now let's do some real maths.

If you have 16Byte keys the real number of combinations is 256^16 since each Byte can have 256 different values. Another way to think of it is 16Bytes equals 128bits, since each bit can have 2 different values the number of combinations is 2^128.

Either way, they both come up with the same result:
256^16 = 3.4x10^38
2^128 = 3.4x10^38

So just how big is this number?

Approximately 340,282,366,920,938,463,463,374,607,431,770,000,00 0.

To put things in perspective, the current generally accepted age of the universe is 13.7 billion years. In nanoseconds that is 4.3x10^26.

That is 430,000,000,000,000,000,000,000,000.

Now imagine you could check a combination each nanosecond (which you couldnt: assuming it takes one cycle to execute each instruction on the psp, it actually takes a few cycles, even running at 333MHz would take around 3ns to execute each instruction).

So if you started from the begininning of creation and checked one combination each nanosecond until the present day, you would have only bruteforced a little over 88 bits, thats 11 bytes !

source


If you're unable to comprehend the math used above, just know it would take several billion years with our current technology to bruteforce the encryption unless something gets leaked from Sony.

Advertising

[ultimakillz]

i love that example. i link to it every time someone asks why we dont use brute force

Advertising

[Organized_Chaos]

Same here. Just a few days ago, someone asked... and I couldn't find that example. Well I finally found it today so I posted it here so I can always find it.

[m0skit0]

When you see numbers bigger than 10^20, just forget it.

[tbg]

In 2008, we are 6.709.132.764 people in the world...
if we divided our work, would result in:

340,282,366,920,938,463,463,374,607,431,770,000,000 / 6,709,132,764 = 50,719,277,571,437,020,300,910,922,237.903

We can only hope that humanity is increased.

[tbg]

When you see numbers bigger than 10^20, just forget it.

Or when you get the an error in the calculator.

[Nymphaea]

When you see numbers bigger than 10^20, just forget it.

Or when you get the an error in the calculator.

That doesn't work on most newer calculators, my scientific calculator can go up to a max of 9.999999999 x 10^99.
Still, a good way to tell people to give up on brute forcing the encryption, although most still ignore it. Even back on advancedpsp there were some suggesting people split it up with different people doing it to speed it up, doesn't do very much when the numbers are that big.

[Nathaniell]

If you're unable to comprehend the math used above, just know it would take several billion years with our current technology to bruteforce the encryption unless something gets leaked from Sony.

Let's look up Sony employees and become their friends!!! :3

[tbg]

We can also call Sony and ask them to give us the key ...

[coyotebean]

Maybe we can a team and do a "mission impossible" to steal it from Sony's vault...