This is quite interesting! Thanks for sharing what you found!
It would be nice to check and make sure that CBC is used (not PCBC, CFB, OFB or CTR as explained in http://en.wikipedia.org/wiki/Cipher_block_chaining ...)
What RexVF5 suggested seems like the best way to test this :
Encrypt 2 blocks of clear text - P1 and P2, you will get 2 blocks of encrypted text C1 and C2.
Encrypt 3 blocks - P1, P2 and P3 so that P3 XOR C2 is the same as P2 XOR C1. Input to cipher in third block thus should be the same as to second block. If it is so, C3 should be the same as C2.
My best guess would be that it's AES-CBC 128-bit.. Since hjannor said it operates on 16 byte chunks...
Did anyone try to do a cold boot attack on it to see if we could get the encryption keys out of the RAM ?
See here for more info : http://en.wikipedia.org/wiki/Cold_boot_attack
It could be done maybe by a simple off/on on the back switch + power on.. putting the ps3 in a fridge before would probably help!
Someone with liquid nitrogen and willing to put it on the RAM and unplug the RAM from the machine would have better success rates I suppose but anyways... booting into a minimal otherOS and quickly dumping the RAM might give us some info on the encryption keys... (does the hypervisor allow us to access the raw RAM by the way? I guess it does...)
Anyways, The method to decrypt/encrypt the disc is great, kudos to the people who discovered it (and no worries, I don't think sony can prevent this without forcing a full re-encrypting of the whole HDD which they can't afford to do).
I'm interested in knowing a few things, if someone is willing to try it out :
- Those 0x000000 bytes at the start of a sector that are encrypted in the same way everytime, does it change from one ps3 to another? Does it change if you change the HDD and reformat it? In other words, is the key unique to every PS3, or is it dependent on the HDD?
- By properly feeding data to the PS3 to encrypt (the dummy file), we can easily recore the initialization vector (IV) for the CBC.. can we also check if the IV is unique to the PS3 or is it always the same? Does it change if we change the HDD on the same PS3 ?
- By zero wiping an HDD then formatting it (fully) for the PS3, how much space is taken by the OS (how many non zero bytes are stored) ? Do they ALL seem to be encrypted or is there a small header that isn't encrypted (might contain the keys or IV if the key seems to change after every format) ?
- If we zero wipe the HDD then format it, then decrypt the whole OS stored on it, then 'dd' (write to the disc) the decrypted partition, how does it get detected? is it ext3, reiserfs, etc.. ? can a Linux system recognize the file system and mount it ?
we can obviously *encrypt* data back into the HDD too... pretty simple, put a huge dummy file, find its offset, copy the encrypted OS on it, decrypt it with the PS3, copy it to your PC, modify it, write it back as the 'dummy' file using the PS3, plug the HDD back to the PC and at the file's offset, you'll get the new encrypted OS, just replace the previous OS offsets with the dummy file's content... boot the PS3 and you got a modified OS on your PS3 (assuming it boots)
The process is hard and takes time, but if we use small HDDs (the minimum size for a sata 2.5" is probably 10 or 20 GB.. if you can find one..) and use external HDD connectors, it could be help speed up the process... I'll try to test all this, but I don't have a spare 2.5" drive
Keep up the good work!