🔮
Roll your own crypto
  • 🗞️Roll your own crypto* 🔮
  • 👩‍🏫Introduction to ECC
  • 🕓Galois Fields
  • ➰Elliptic Curve in Python
  • 🎯Representing a point
  • ➰Group Theory
  • ➕Point Addition in Python
  • ✖️Scalar Multiplication in Python
  • 🖋️ECDSA
  • 🎮Quiz: The Playstation 3 Hack
  • ❤️Conclusion
Powered by GitBook
On this page

Was this helpful?

Quiz: The Playstation 3 Hack

aka The Nonce Reuse Attack

PreviousECDSANextConclusion

Last updated 1 year ago

Was this helpful?

Sony uses a private key, typically stored (in an HSM?) at the company's HQ, to mark their Playstation firmwares as valid and unmodified. The PS3 only needs a public key to verify that the signature came from Sony. Normally, this is considered safe; but Sony did a rookie mistake in the implementation of their signing algorithm - they used the same random number to sign everything.

Quiz time

Recall how the (public parameter) rrr in the signature is generated from a (secret) random number kkk, using the formula kG=RkG = RkG=R, rrr being the x-coordinate of the point RRR.

Given two signatures that use the same kkk, prove how you can extract the private key used for signing. Use the signature formula in the ECDSA section. You'll need pen and paper for this.

🎮
Very very secure.