

Thread: PS3 and the OFW help?

07072011 #1
One question I have asked myself for a long time now (I know it is a very lazy and long way): would it be possible to obtain e.g. PS3 OFW by brute force? How good is the encryption, and how long would it take for which system power?
Thx a lot guys

07072011 #2
Please elaborate on what you mean... I mean, what are you actually trying to gain via brute force?? Then I think I'd be of better help...

07072011 #3
I'm guessing he's talking about the private key. It wouldn't matter since Sony have already shown they can change the private key through system updates, and I don't have the time to work out how long it would take for x hardware platform but you're talking years and most likely longer than a lifetime.

07072011 #4
Each digit in the key raises the amount of time required by an order of magnitude (roughly, I'm not a cryptography expert), so my guess is that the use of a long key would make that near to impossible. If it were, things like SSL and other certificate-based authentication would be much more vulnerable and an alternative would already be in use.

07072011 #5
Guys, if he is talking about the private key, then what he would have to do is sign a package with that key, install it somehow on his PS3 and test if it runs...!! I mean, if there is an automated system that could do it for him then it won't take much time... with all the possibilities it'd be around 30 to 35 with a beast churning every second...
However, that process would have to be done manually, let alone finding a way of installing packages on the newest fw, then the time we're looking at would be around 14 to 15 years!!!
If he doesn't get so lucky that the first key jumping off his algorithm is the private key... lol...

07082011 #6
He wouldn't have to test it on a PS3 to know it's correct as the public keys it would generate could be validated mathematically, though I'd love to see how you came up with 14 to 15 years.
OK, sorry for the double post, but I got a bit bored at work and decided to work out a rough estimate as to how long it would take to brute force AES256 encryption to get the private key.
AES256 is 256 bit encryption so there are 2^256 combinations, that's 1.1579208923731619542357098500869x10^77
The population of the world is approx 7000000000 or 7x10^9
Assuming there are 10 processors working the problem for every person on the planet, that's 70000000000 or 7x10^10
Assuming every processor can check 100 keys per second, that's 7000000000000 or 7x10^12 keys checked per second globally (A very generous estimate)
That means it'd take 1.6541727033902313631938712144098x10^64 seconds to check all the keys
There are 31556926 seconds in a year
Which means it would take 5.2418689430974086740700637774726x10^56 years to check all the keys
Statistically we would have found the key by the time we've checked just over 50% of them so that's:
2.6209344715487043370350318887363x10^56 years
or
262093447154870433703503188873630000000000000000000000000 Years
So yeah it's utterly pointless to try

07082011 #7

07082011 #8
lol well it's a slow day at the office and he did ask

07082011 #9
Um, yes, that's long: 262093447154870433703503188873630000000000000000000000000 Years
Thx a lot guys I think we can close it.

