Crypto / DRM

From PS4 Developer wiki
Revision as of 23:42, 14 January 2016 by Roxanne (talk | contribs)
Jump to navigation Jump to search

Update: AES Content Keys

AES Content Keys

84 41 07 03 DA A8 4E 86 AC D4 F4 DF A2 44 1F 37

Boot Signature

/BOOT/SESS/STRT/bsig=DL_GameDev-0012345-Exampl-Devel-Test1&vers=PG&edtn=0

(Not posting actual bsig of games or apps to stop this from being fixed before its useful)

First 2 bytes of the sig "0012345" are dev specific and dont change when an update or patch is issued.

3rd Byte is predictable based on prior update for the application.

/BOOT/SESS/HRDW/mntd=1&knct=0


(Extra Auth/Boot Signature ID)

Retail BootSigID Update 1: e9b803

dbf4c9a69f7cc46952e9b803

Retail BootSigID Update 2: f3df56

dbf4c9a69f7cc46952f3df56


/BSID/STR0/TLM3/data=dbf4c9a6 (8 Bytes)

/BSID/STR1/TLM3/data=9f7cc469 (8 Bytes)

/BSID/STR2/TLM3/data=52UPDATE (8 Bytes)

Last 6 bytes of /STR2/ change every time a new update or patch is issued. Others stay constant and are app specific.


/BSID/STR0/STR1/bsid=dbf4c9a69f7cc46952UPDATE (24 Bytes)


Updates for certain apps and games can be skipped by making the BootSig and the BootSigID match the most recent patch when the check is done.

Note: Some apps also check "minRequiredAppVersion".

Compression & Encryption

Some games are packaging game updates/script files with lzma. After you decompress the lzma the files you get have an additional layer of encryption.

Registry

HardwareId= getRegistry().hardwareId

Manufacturing Id= getRegistry().hardwareId:sub(1, 4)

Model Id= getRegistry().hardwareId:sub(1, 8)

registerStateType(default, cancel, reset)

PseudoRandom Number Generator

math.randomseed(Time)

The Randomseed for software based PRNG is just time, allowing you to predict the seed due to low entropy

[1]

  1. The choice of a good random seed is crucial in the field of computer security. When a secret encryption key is pseudo-randomly generated, having the seed will allow one to obtain the key.

Video DRM

PlayReady

PlayReady DRM (used by PS4/PS3 Netflix e.g.) - note: 4K is not supported as that would require PlayReady 3.0

Marlin

Marlin DRM (used by PS4/PS3/PSP)

Advanced Access Content System (AACS)

AACS (used by BluRay Video / BD]

AES encrypted video

AES-128 (used for Live Streaming?)

AMD64 has AES-NI support

Key selection vector (KSV)

KSV (used by HDCP)

Content Scramble System (CSS)

CSS (used by DVD-Video)

Cinavia

Cinavia - in short terms, PS4 has Cinavia built-in the System Firmware. Message Code 3 = CE-37960-5