ps3 disc sigs

**imtoodvs** · 06-12-2009

Sponsored Links

Well, short answer is not really, but at the same time yes, if that makes any sense.

To be honest, lets assume the system is cracked, wide open. It still really is not practical to run backups off a disk , the price of BD-R media + burners, although has dropped, is still high. Since you can run a backup with relative ease from hdd/usb/network, it would be a moot point.

However, the issue then lies with how far is the system cracked - enough to run unsigned executables, or more along the lines of a drive mod. If it is unsigned executables, then the above is true.

If it is a drive mod however, then more work would be needed. We know the PS3 has a few special sectors (among others) that govern the disk layer crypt, but even after that is gone, the executables have a flag in them, basically a media check, that wont allow the decryption of the executable unless its being run from a legit, pressed disk.

Which in turn, goes back to #1 - opening the system.

So, its not really a clear answer, but hopefully that gave you some insight.

**imtoodvs** · 06-12-2009

it makes great sense, i was just about to create another post but since i have you here:

lets say i had a copy of FF7 Advent Children: complete from Japan.
the disc comes with a demo of FF13, so if i made a backup of the entire disc
would it be possible that the demo would still work. just a thought maybe $ony finally slipped up.

**CJPC** · 06-12-2009

Nope! Even on a TEST, a SELF without any of the disk encryption (still the SELF encryption) will not run from HDD/Network/Burnt Media, due to flags in the decryption process.

**imtoodvs** · 06-12-2009

good to know, i was just about to find a copy to buy & try, thanx for the save

**teknoz** · 10-12-2009

Originally Posted by CJPC

We know the PS3 has a few special sectors (among others) that govern the disk layer crypt

Has this been proven for sure? I mean, is the PS3 game BD-ROM different from a standard blu-ray pressed disc (just like ps2 dvds had special sectors for copy protection) ?

I assumed that the encryption layer plus the differences between a -R and a pressed disc would be enough to block illegal copies (but still probably would have been easily defeated by commercial pirates with multi$$$ equipment).

Thanks for any insight...

**CJPC** · 10-12-2009

Originally Posted by teknoz

Has this been proven for sure? I mean, is the PS3 game BD-ROM different from a standard blu-ray pressed disc (just like ps2 dvds had special sectors for copy protection) ?

I assumed that the encryption layer plus the differences between a -R and a pressed disc would be enough to block illegal copies (but still probably would have been easily defeated by commercial pirates with multi$$$ equipment).

Thanks for any insight...

We are sure - even based off a debug image - there are a special sectors on it (like on PS2) that govern what sectors are encrypted or not, etc!

Then, on top of that there are the "booktypes", then all the revoke stuff, and other BD specific security features!

**tiefputin1** · 10-13-2009

thinking about disc signatures, has any of the devs/hackers in here took a close look to psn versions of the retail disc versions? mibi (like on pc) the ps3 executables got an licensing system (deciding cdcheck, account drm, trial, nocd demo etc.) ?

just an idea..

**Mathieulh** · 10-15-2009

The whole thing gets quite complicated here.

Basically, the retail discs have encrypted sectors which are decrypted through the lv2 kernel. The key to decrypt those sectors differ from finalized (retail) discs to master discs. (masterdiscs only work on debug consoles anyway)

Then you have on retail disc something called the secure authentication, once this step is validated and the sectors are being decrypted (on the fly through AES), encrypted (secure/finalized) EBOOT.BIN files will be able to run. (those files wont run unless the secure authentication is passed)

To run the EBOOT.BIN has (on retail consoles) to be signed, so you wont be able to run your own code there unless you bypass the signature checks)

The selfs have two types of signature, one for authenticated bluray (and other medias on debug consoles), and one for hdd (npdrm signature) This makes it that an EBOOT.BIN signed for bluray will only run from /dev_bdvd (only authenticated media) while one signed for hdd will only run from (/dev_hdd0), there are different flags for both type of selfs and possibly even different signature keys.

Those "signatures" are even enforced on debug consoles by adding a fake header to the elfs (so they become "fake self") those are different from one another and a file with a npdrm header wont run on any other device than /dev_hdd0) (not that a self needs to actually be finalized/signed to run on retail as more restrictions are enforced on those consoles)

So to run your own code from your own bluray disc, you would have to somehow bypass, fake or replicate the secure authentication process of the disc (this is by the way no easy task), then you would have to encrypt the disc sectors with the retail AES key and finally (the hardest task of all) you would have to bypass the binary signature check performed by the kernel.

This is of course no easy task and you cannot use the debug masterdiscs to run them on retail consoles because of the few differences I mentioned earlier (begining with the fact that the disc sectors aren't even encrypted with the same key), also the disc auth is performed differently (the master discs use a masterdisc sector, while the retail discs go through the secure authentication)

I hope this was informative enough for you, feel free to ask any question should you need to.

**tiefputin1** · 10-16-2009

hmm... and whats the deal why backups on bd wont run? its not like it got any twin sectors or measuring angles

ps3 disc sigs

Thread Tools

ps3 disc sigs