Changes

Jump to navigation Jump to search
384 bytes added ,  06:43, 25 March 2012
Line 9: Line 9:     
So how do you use this to decrypt a savegame on a 3DS? First off, you chunk up the savegame into 512 byte chunks. Then, you bin these chunks by their contents, discarding any that contain only FF. Now look for the most common chunk. This is your keystream. Now XOR the keystream with your original savegame and you should have a fully decrypted savegame. XOR with the keystream again to produce an encrypted savegame.
 
So how do you use this to decrypt a savegame on a 3DS? First off, you chunk up the savegame into 512 byte chunks. Then, you bin these chunks by their contents, discarding any that contain only FF. Now look for the most common chunk. This is your keystream. Now XOR the keystream with your original savegame and you should have a fully decrypted savegame. XOR with the keystream again to produce an encrypted savegame.
 +
 +
All savegames, including non-gamecard savegames, are encrypted with AES-CTR. The base CTR never changes after savegame creation. The CTR used for gamecard savegames eventually repeats, while non-gamecard savegames don't use a repeating CTR. For the old gamecard CTR method, it repeated every 0x200-bytes. With the new method it repeats at least every 0x1000-bytes, but the exact period isn't known for certain.
    
Update:
 
Update:
Line 20: Line 22:     
'''Some information:'''
 
'''Some information:'''
* Old games saves still use the old 0x200 bytes xorpad.
+
* Old games saves still use the old 0x200-bytes AES-CTR xorpad.
* New games saves can be backed-up and restored (same key is used from one save to another).
+
* New games saves can be backed-up and restored.
 
* The wearleveling stayed the same.
 
* The wearleveling stayed the same.
* Xoring two files togather can produce some clear text
+
* Xoring two files together can produce some clear text
* It's been spotted that the xorpad repeated after 0x1000 bytes (so it might be the maximum length but still it's not proved).
+
* It's been spotted that the AES-CTR xorpad repeated after 0x1000 bytes (so it might be the maximum length but still it's not proved).
    
=== Wear leveling ===
 
=== Wear leveling ===

Navigation menu