On question I asked myself for a long time now (I know it is a very lazy and long way ) would it be possible to obtain eg. PS3 OFW by brute force ? How good is the encryption and how long would it take for which system power.

Thx a lot guys

Results 1 to 9 of 9

- 07-07-2011 #1
## [Answered] PS3 and the OFW help?

On question I asked myself for a long time now (I know it is a very lazy and long way ) would it be possible to obtain eg. PS3 OFW by brute force ? How good is the encryption and how long would it take for which system power.

Thx a lot guys

- 07-07-2011 #2

please elaborate what you mean... I mean what are you actually trying to gain via bruteforce?? Then i think i'd be of better help...

- 07-07-2011 #3I'm guessing he's talking about the private key. It wouldn't matter since Sony have already shown they can change the private key through system updates, and I don't have the time to work out how long it would take for x hardware platform but you're talking years and most likely longer than a lifetime.

- 07-07-2011 #4Each digit in the key raises the amount of time required by an order of magnitude (roughly, I'm not a cryptography expert), so my guess that the use of a long key would make that near to impossible. If it were, things like SSL and other certificate based authentication would be much more vulnerable and an alternative would already be in use.

- 07-07-2011 #5guys if he is talkin about the private key then what he would have to do is sign a package with that key install it somehow on his ps3 and test if it runs...!! i mean if therre is an automated system that could do it for him then it wont take much time... with all the possibilities it'd be around 30 to 35 with a beast churning every second...

However, that process would have to be done manually, let alone finding a way of installing packages on the newest fw, then the time we looking at would be around 14 to 15 years!!!

If he doesn't get so lucky that the first key jumping off his algorithm is the private key... lol...

- 07-08-2011 #6He wouldn't have to test it on a PS3 to know it's correct as the public keys it would generate could be validated mathematically, though I'd love to see how you came up with 14 to 15 years.

OK sorry for the double post but I got a bit bored at work and decided to work out a rough estimate as to how long it would take to brute force AES256 encryption to get the private key

AES256 is 256 bit encryption so there are 2^256 combinations, that's 1.1579208923731619542357098500869x10^77

The population of the world is approx 7000000000 or 7x10^9

Assuming there are 10 processors working the problem for every person on the planet, that's 70000000000 or 7x10^10

Assuming every processor can check 100 keys per second, that's 7000000000000 or 7x10^12 keys checked per second globally (A very generous estimate)

That means it'd take 1.6541727033902313631938712144098x10^64 seconds to check all the keys

There are 31556926 seconds in a year

Which means it would take 5.2418689430974086740700637774726x10^56 years to check all the keys

Statistically we would have found the key by the time we've checked just over 50% of them so that's:

2.6209344715487043370350318887363x10^56 years

or

26209344715487043370350318887363000000000000000000 0000000 Years

So yeah it's utterly pointless to tryLast edited by barrybarryk; 07-08-2011 at 12:19 AM Reason: Automerged Doublepost

- 07-08-2011 #7

- 07-08-2011 #8

- 07-08-2011 #9ähm Yes that's long 26209344715487043370350318887363000000000000000000 0000000 Years

Thx a lot guys I think we can close it.