Revision as of 22:29, 15 August 2012

Introduction

The following information was reverse engineered from LV1, Storage Manager in LPAR1, sb_iso_spu_module.self and sv_iso_spu_module.self.

First host and ENCDEC device exchange random numbers.
From the exchanged random numbers host and ENCDEC device compute the session key.
ENCDEC commands, e.g. to set ATA keys, are encrypted with the session key and AES-CBC-192.
Before a secure communication channel is established, host and ENCDEC device use static AES-CBC-192 keys to encrypt communication data. The static keys can be found e.g. in sb_iso_spu_module.self or sv_iso_spu_module.self.
Static ENCDEC keys depend on SB bus version. To get your SB bus version, read v2 of repository node SB bus id.
During the communication, host and ENCDEC device use random IVs which are sent unencrypted together with encrypted payload.

@@ Line 14: / Line 14: @@
 * ENCDEC commands, e.g. to set ATA keys, are encrypted with the session key and AES-CBC-192.
 * Before a secure communication channel is established, host and ENCDEC device use static AES-CBC-192 keys to encrypt communication data. The static keys can be found e.g. in sb_iso_spu_module.self or sv_iso_spu_module.self.
+* Static ENCDEC keys depend on SB bus version. To get your SB bus version, read v2 of repository node SB bus id.
 * During the communication, host and ENCDEC device use random IVs which are sent unencrypted together with encrypted payload.