Changes

Jump to navigation Jump to search
7 bytes added ,  05:29, 2 January 2016
m
no edit summary
Line 127: Line 127:  
|-
 
|-
 
| Leak of normal-key matching a key-scrambler key
 
| Leak of normal-key matching a key-scrambler key
| New 3DS firmware versions [[8.1.0-0|8.1.0]] through [[9.2.0-20|9.2.0]] set the encryption key for [[Amiibo]] data using a hardcoded normal-key in Process9.  In firmware [[9.3.0-21|9.3.0]], Nintendo "fixed" this by using the key scrambler instead, by calculating the keyY value for keyslot 0x39 that results in the same normal-key, then hardcoding that keyY into Process9.
+
| New 3DS firmware versions [[8.1.0-0 New3DS|8.1.0]] through [[9.2.0-20|9.2.0]] set the encryption key for [[Amiibo]] data using a hardcoded normal-key in Process9.  In firmware [[9.3.0-21|9.3.0]], Nintendo "fixed" this by using the key scrambler instead, by calculating the keyY value for keyslot 0x39 that results in the same normal-key, then hardcoding that keyY into Process9.
    
Nintendo's fix is actually the problem: Nintendo revealed the normal-key matching an unknown keyX and a known keyY.  Combined with the key scrambler using an insecure scrambling algorithm (see "Hardware" above), the key scrambler function could be deduced.
 
Nintendo's fix is actually the problem: Nintendo revealed the normal-key matching an unknown keyX and a known keyY.  Combined with the key scrambler using an insecure scrambling algorithm (see "Hardware" above), the key scrambler function could be deduced.
165

edits

Navigation menu