IBM Anti-Geohack Patent to Protect Secrets Against Attacks?!

[Rav]

A few weeks back GeoHot Hacked PS3, and now a new http://www.faqs.org/patents/app/20100037068 has surfaced from Kanna Shimizu of IBM for a method to protect secrets against encrypted section attacks.

SKFU writes: It seems it is SONY's answer for GeoHot's progress.

Take a look here, to quote: "A method, system, and computer-usable medium are disclosed for controlling unauthorized access to encrypted application program code. Predetermined program code is encrypted with a first key.

The hash value of an application verification certificate associated with a second key is calculated by performing a one-way hash function. Binding operations are then performed with the first key and the calculated hash value to generate a third key, which is a binding key.

The binding key is encrypted with a fourth key to generate an encrypted binding key, which is then embedded in the application. The application is digitally signed with a fifth key to generate an encrypted and signed program code image.

To decrypt the encrypted program code, the application verification key certificate is verified and in turn is used to verify the authenticity of the encrypted and signed program code image. The encrypted binding key is then decrypted with a sixth key to extract the binding key.

The hash value of the application verification certificate associated with the second key is then calculated and used with the extracted binding key to extract the first key. The extracted first key is then used to decrypt the encrypted application code."


More PlayStation 3 News...

[Raze1988]

Keys to encrypt keys to encrypt keys to encrypt keys...

Maybe this has nothing to do with the PS3, but only with their servers?

Anyway, I'm not updating my firmware for a while

[PS3 News]

They were actually talking about this on IRC a bit today... interesting stuff indeed! I have been too busy to do a news post on it but props to SKFU for doing one.

Maybe this has nothing to do with the PS3, but only with their servers?

There is always that chance, however, the folks at PS2Dev (http://forums.ps2dev.org/viewtopic.php?t=12863) also find it ironic on the timing of this.

adresd
As can be seen, dated 02-11-2010, so very recent.

[Saffar]

So does this mean that if you upgrade firmware, you will not be able to dump the Hypervisor? or does this also require a hardware change??

[ModderFokker]

Decrypt the keys through some sort of "Folding@Home" app

Just have to write it though and have a few hundred/thousand ps3 owners join in the battle.

Maybe well get those keys by 2052

[Kiriller]

Lol really is Sony & IBM really scared that the hypervisor will be hacked in no time? This is a sad move from the corporate side, this patent will not mean anything if system is going to be hacked, no way to trace the author, hackers are not stupid.

[ModderFokker]

This could be good or bad news.

Either she already knew this would come and hid this patent untill just now.

OR shes cashing in and made a new patent that can be used in future consoles.

[pop1234]

sony are idiots and ibm too

[hopshock]

sony are idiots and ibm too

Yes, idiots. Making such amazing technology like the Cell Processor and PS3. You call them idiots.

[tborsje]

sony are idiots and ibm too

I don't see how they're idiots, all they're doing is responding to a well publicized breach of their hardwares security. Wouldn't you if you were a hardware manufacturer?

Anyway who cares about this, none of the PS3's in homes today or probably for many months/years will have this technology.