Random Homebrew: HomebrewStoreHomebrewStore is a digital marketplace for homebrew PSP content. This content ranges from games to a [...]

## Understanding why we can't bruteforce Sony's encryption

Forum rules
Any post not directly related to programming will be moderated.
Do not request people to code something for you.
Avoid posting messages that do not bring anything to the conversation. We want the threads in this subforum to stay focused.

### Understanding why we can't bruteforce Sony's encryption

I've seen several people ask why we can't just bruteforce the encryption Sony uses to sign their eboots. After all, if we could sign our homebrew eboots we would be able to hack any PSP regardless of firmware. The truth is... it's not feasible to brute force the encryption. Here's how SilverSpring explained it:
Now let's do some real maths.

If you have 16Byte keys the real number of combinations is 256^16 since each Byte can have 256 different values. Another way to think of it is 16Bytes equals 128bits, since each bit can have 2 different values the number of combinations is 2^128.

Either way, they both come up with the same result:
256^16 = 3.4x10^38
2^128 = 3.4x10^38

So just how big is this number?

Approximately 340,282,366,920,938,463,463,374,607,431,770,000,00 0.

To put things in perspective, the current generally accepted age of the universe is 13.7 billion years. In nanoseconds that is 4.3x10^26.

That is 430,000,000,000,000,000,000,000,000.

Now imagine you could check a combination each nanosecond (which you couldnt: assuming it takes one cycle to execute each instruction on the psp, it actually takes a few cycles, even running at 333MHz would take around 3ns to execute each instruction).

So if you started from the begininning of creation and checked one combination each nanosecond until the present day, you would have only bruteforced a little over 88 bits, thats 11 bytes !

source

If you're unable to comprehend the math used above, just know it would take several billion years with our current technology to bruteforce the encryption unless something gets leaked from Sony.
PSP-1001 5.00 M33-6, PSPp-2001 5.50 GEN-D3, Wii 4.2U softmod, Xbox 360 Elite 250 GB HDD
Organized_Chaos

Posts: 54
Joined: Thu Sep 30, 2010 5:42 am
Location: Missouri, USA

### Re: Understanding why we can't bruteforce Sony's encryption

i love that example. i link to it every time someone asks why we dont use brute force
"Thanks to all you gays i am leaning allot" src
Which Linux Distro is right for me? Take A Quiz & Find Out or Compare Major Distros.
ultimakillz
Moderator

Posts: 1000
Joined: Mon Sep 27, 2010 6:55 pm
Location: Texas, USA

### Re: Understanding why we can't bruteforce Sony's encryption

Same here. Just a few days ago, someone asked... and I couldn't find that example. Well I finally found it today so I posted it here so I can always find it.
PSP-1001 5.00 M33-6, PSPp-2001 5.50 GEN-D3, Wii 4.2U softmod, Xbox 360 Elite 250 GB HDD
Organized_Chaos

Posts: 54
Joined: Thu Sep 30, 2010 5:42 am
Location: Missouri, USA

### Re: Understanding why we can't bruteforce Sony's encryption

When you see numbers bigger than 10^20, just forget it.
I wanna lots of mov al,0xb

"just not into this RA stuffz"

m0skit0
Guru

Posts: 4800
Joined: Mon Sep 27, 2010 6:01 pm

### Re: Understanding why we can't bruteforce Sony's encryption

In 2008, we are 6.709.132.764 people in the world...
if we divided our work, would result in:

340,282,366,920,938,463,463,374,607,431,770,000,000 / 6,709,132,764 = 50,719,277,571,437,020,300,910,922,237.903

We can only hope that humanity is increased.
TBG : Team Extraction member
tbg

Posts: 142
Joined: Mon Sep 27, 2010 4:35 pm

### Re: Understanding why we can't bruteforce Sony's encryption

m0skit0 wrote:When you see numbers bigger than 10^20, just forget it.

Or when you get the an error in the calculator.
TBG : Team Extraction member
tbg

Posts: 142
Joined: Mon Sep 27, 2010 4:35 pm

### Re: Understanding why we can't bruteforce Sony's encryption

tbg wrote:
m0skit0 wrote:When you see numbers bigger than 10^20, just forget it.

Or when you get the an error in the calculator.

That doesn't work on most newer calculators, my scientific calculator can go up to a max of 9.999999999 x 10^99.
Still, a good way to tell people to give up on brute forcing the encryption, although most still ignore it. Even back on advancedpsp there were some suggesting people split it up with different people doing it to speed it up, doesn't do very much when the numbers are that big.
There are 10 types of people in the world:
Nymphaea
Retired Mod

Posts: 178
Joined: Fri Oct 01, 2010 8:40 pm

### Re: Understanding why we can't bruteforce Sony's encryption

Organized_Chaos wrote:If you're unable to comprehend the math used above, just know it would take several billion years with our current technology to bruteforce the encryption unless something gets leaked from Sony.

Let's look up Sony employees and become their friends!!! :3
Nathaniell

Posts: 15
Joined: Wed Sep 29, 2010 4:09 am

### Re: Understanding why we can't bruteforce Sony's encryption

We can also call Sony and ask them to give us the key ...
TBG : Team Extraction member
tbg

Posts: 142
Joined: Mon Sep 27, 2010 4:35 pm

### Re: Understanding why we can't bruteforce Sony's encryption

Maybe we can a team and do a "mission impossible" to steal it from Sony's vault...
GBASP x1, GBM x2, NDSL x2, PSP 100X x3, PSP 200X x6, PSP 300X x5, PSP Go x4, Wii x1
coyotebean
Guru

Posts: 98
Joined: Mon Sep 27, 2010 3:22 pm

Next