PS3 LV2 Loader, METLDR, Application Keys and SHA1 Hashes!
Today the PS3 LV2 Loader (lv2ldr), METLDR, Application / IV (initialization vector) keys and SHA1 hashes used to verify the keys have been publicly released by various PlayStation 3 developers. Below they are all listed, as follows:
[Register or Login to view links] released the SHA1 hashes of the different PS3 keys:
He also tweeted the following: In fact it decrypts most of the application selfs the 3.15 appldr key decrypts updaters too Looks like the isolated secure loaders aren't that secure anymore eh ? Looking for the curve list now. Ok so now if you can calculate K You'll also need to use a pre 3.40 lv2ldr but that's kinda obvious. By your lv2 I obviously mean custom firmware (for instance replace lv2_kernel) with a linux kernel. (of course you still need to flash it) Just one last thing, if you decrypt 2 lv2_kernel, you can calculate m then k, if you get k, and the keys I tweeted, you can have your lv2. btw those keys also happen to decrypt the ps2_emu binaries if anyone cares.
P.S. The self revision is located at 0x00000009 in the self header, it defines the key set in use.
Nah, they are the hash signatures of the keys in hex form. I suppose to prove to everyone that they have them without actually releasing them.
They seem to match the signatures of the publicly known ones (lv2 and pkg) Since they aren't salted I suppose it's feasible to run the ivs through a 0-9 A-F 16 byte rainbow table but I'm not so sure about the 64 byte key.
Either way, anyone knowledgeable enough about this kind of stuff would just find it easier to grab the keys themselves using the techniques described during the conference rather than bruteforcing them from a SHA-1 signature which, funnily enough, would take a lot more effort and computing power.