GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → Plailect → Keyshuffling

Plailect / Keyshuffling

Keyshuffling Attack for Persistent Early Code Execution in the Nintendo 3DS Secure Bootchain

Labels

texcryptographyaesnintendo-3ds

Projects that are alternatives of or similar to Keyshuffling

Siv Mode
RFC 5297 SIV mode of operation in Java
Stars: ✭ 22 (-93.55%)
Mutual labels:  cryptography, aes
Cryptojs.swift
Cross-platform cryptographic functions in swift
Stars: ✭ 42 (-87.68%)
Mutual labels:  cryptography, aes
Aes
AES-128 hardware implementation
Stars: ✭ 25 (-92.67%)
Mutual labels:  cryptography, aes
Gonnacry
A Linux Ransomware
Stars: ✭ 341 (+0%)
Mutual labels:  cryptography, aes
Padding Oracle Attacker
🔓 CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI.
Stars: ✭ 136 (-60.12%)
Mutual labels:  cryptography, aes
Meta
Meta-repository for Miscreant: misuse-resistant symmetric encryption library with AES-SIV (RFC 5297) and AES-PMAC-SIV support
Stars: ✭ 483 (+41.64%)
Mutual labels:  cryptography, aes
Mirage Crypto
Cryptographic primitives for MirageOS
Stars: ✭ 39 (-88.56%)
Mutual labels:  cryptography, aes
Forge
A native implementation of TLS in Javascript and tools to write crypto-based and network-heavy webapps
Stars: ✭ 4,204 (+1132.84%)
Mutual labels:  cryptography, aes
Js Ethereum Cryptography
Every cryptographic primitive needed to work on Ethereum, for the browser and Node.js
Stars: ✭ 83 (-75.66%)
Mutual labels:  cryptography, aes
Cryptoswift
CryptoSwift is a growing collection of standard and secure cryptographic algorithms implemented in Swift
Stars: ✭ 8,846 (+2494.13%)
Mutual labels:  cryptography, aes
Blog Src
Personal blog source.
Stars: ✭ 7 (-97.95%)
Mutual labels:  cryptography, aes
Encrypt
🔒 A set of high-level APIs over PointyCastle for two-way cryptography.
Stars: ✭ 199 (-41.64%)
Mutual labels:  cryptography, aes
Low Latency Android Ios Linux Windows Tvos Macos Interactive Audio Platform
🇸Superpowered Audio, Networking and Cryptographics SDKs. High performance and cross platform on Android, iOS, macOS, tvOS, Linux, Windows and modern web browsers.
Stars: ✭ 1,121 (+228.74%)
Mutual labels:  cryptography, aes
Practical Cryptography For Developers Book
Practical Cryptography for Developers: Hashes, MAC, Key Derivation, DHKE, Symmetric and Asymmetric Ciphers, Public Key Cryptosystems, RSA, Elliptic Curves, ECC, secp256k1, ECDH, ECIES, Digital Signatures, ECDSA, EdDSA
Stars: ✭ 2,400 (+603.81%)
Mutual labels:  cryptography, aes
Oscrypto
Compiler-free Python crypto library backed by the OS, supporting CPython and PyPy
Stars: ✭ 257 (-24.63%)
Mutual labels:  cryptography, aes
Frameworks
Sample code and build environments for MPC frameworks
Stars: ✭ 288 (-15.54%)
Mutual labels:  cryptography
Encryptpad
Minimalist secure text editor and binary encryptor that implements RFC 4880 Open PGP format: symmetrically encrypted, compressed and integrity protected. The editor can protect files with passwords, key files or both.
Stars: ✭ 305 (-10.56%)
Mutual labels:  cryptography
Privatebin
A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES.
Stars: ✭ 3,622 (+962.17%)
Mutual labels:  cryptography
Kremlin
KreMLin is a tool for extracting low-level F* programs to readable C code
Stars: ✭ 285 (-16.42%)
Mutual labels:  cryptography
Testnet3 Challenges
This repo is dedicated to Concordium Incentivized Testnet3.
Stars: ✭ 337 (-1.17%)
Mutual labels:  cryptography
View All Similar Projects ➔

Keyshuffling Attack for Persistent Early Code Execution in the Nintendo 3DS Secure Bootchain

View PDF

Abstract

We demonstrate an attack on the secure bootchain of the Nintendo 3DS in order to gain early code execution. The attack utilizes the block shuffling vulnerability of the ECB cipher mode to rearrange keys in the Nintendo 3DS's encrypted keystore. Because the shuffled keys will deterministically decrypt the encrypted firmware binary to incorrect plaintext data and execute it, and because the device's memory contents are kept between hard reboots, it is possible to reliably reach a branching instruction to a payload in memory. This payload, due to its execution by a privileged processor and its early execution, is able to extract the hash of hardware secrets necessary to decrypt the device's encrypted keystore and set up a persistent exploit of the system.

Background

Information in this article (especially the keyshuffling vulnerability) is original, independent work unless cited otherwise. Note that the keyshuffling vulnerability detailed here is the same one documented publicly by much of this team including "stuckpixel" (also known as "dark_samus") on sites such as 3DBrew. Additionally, note that the persistence vulnerability detailed here is the same one documented publicly as "arm9loaderhax" by "plutoo", "derrek", and "smea" at the 2015 32c3 conference.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].