
PS3 private key discovered through Sony error

One of the hackers who discovered the security code which may open the PlayStation 3 up to piracy has suggested that Sony made a 'critical mistake' with its own security.

Speaking to the BBC, the hacker known as Pytey who is part of the fail0verflow group, said that the key would have been almost impossible to find had Sony kept its house in order.

"Sony uses a private key, usually stored in a vault at the company's HQ, to mark firmware as valid and unmodified, and the PS3 only needs a public key to verify that the signature came from Sony," he said.

"Applied correctly, it would take billions of years to derive the private key from the public key, or to make a signature without knowing the private key, even when you have all the computational power in the world at your disposal."

The private key, which is used to check the validity of the code being run by the gaming console, should be based on a truly random number. But it turns out that Sony apparently took some unfortunate shortcuts.

"The signing recipe requires that a random number be used as part of the calculation, with the caveat that that number must be truly random and not predictable in any way," said a fail0verflow spokeshacker.

"However, Sony wrote their own signing software, which used a constant number for each signature."

Using that constant seed number, and a bit of 'simple algebra', the hackers were able to find the unencrypted key which is hard-wired into every PS3 console.

The fact that the signing key is a fixed part of the console's firmware almost certainly means that any future hacks will be permanent. The only way Sony will be able to remove the hole will be to re-issue new hardware, or to force a firmware update which would render all current games inoperable.

Sony has a reputation for removing chunks of functionality from its hardware like the 'Install Other OS' system which many believe has sparked these latest hack attacks. But even an outfit with Sony's legendary arrogance towards its paying customers would be hard pushed to justify effectively bricking a whole generation of consoles.

Despite all of the groups and individuals involved swearing blind that they have no interest whatsoever in encouraging piracy on the console, it's only a matter of time before someone comes up with a simple solution to playing copied games, whether ripped discs or data stored on a hard drive.