Topic: Why Can't We Get A Digital Signature? (Read 751 times)

CattyKid · « **on:** December 03, 2005, 04:50:00 PM »

There is something I have always wondered. In all our years of Xbox modding, we have never been able to acquire the digital signature. Is this because it is so closely guarded? If we had it, we would be able to pop in, say, a signed burned Linux disk and have it play in a stock Xbox.
So, what I'm asking is, do we have NO inside sources at MS? How many people have access to the digital signature? How exactly does it work (aka, why can't we get it off of a game disk). If we could get this, somehow, would it be a way to mod the 360?

(I realize this might be quite noob-ish, but I've always wondered about signatures)

fingolfin · « **Reply #1 on:** December 03, 2005, 05:09:00 PM »

there is currently a $100,00 dollar prize for the group that cracks the xbox main security code
http://news.zdnet.co...,2128739,00.htm
it's " funded by Michael Robertson, chief executive of Linux software company Lindows."

It would be amazing to just pop-in a linux disk and use your xbox or 360 as a PC...

lordvader129 · « **Reply #2 on:** December 03, 2005, 06:47:00 PM »

my guess is that no one at MS would have direct access to the key, and very very few would have access to a computer that signs the xbes and then put them onto a disk to be sent back to printers

the key is elegantly simple, and nigh impossible to crack

heres the deal, 2 numbers are multiplied together to make this number

20740119327258723760276023509063017138455993606274883526731955113241109007354362374128996096291046353572306742110305456946824862203867115042369878729703475765112280167498189046437794602966168812419423365196979669431929588951126804648743029387833666031765734337165949634731375592471670294246180877815104812674626967450097045005117546657068700545263064105024888769118032059917845867653040419404003684559882509195398630922824050405379620513589699993980205694266973236095772153476388267418476533663512746243310317853861946430053072890502949319703765023792161144942611323629444409600173894963797156859916567288947565058003

find those 2 numbers and you can start signing xbes

this is the key for xbox, not 360, i dont think we know even the public key for 360 yet

ShadowElitePro · « **Reply #3 on:** December 03, 2005, 06:53:00 PM »

Ive wondered this too. Now I know. I just thought no one will get it because its closley guarded.

azninvasion · « **Reply #4 on:** December 04, 2005, 01:56:00 PM »

QUOTE(lordvader129 @ Dec 4 2005, 01:54 AM)

my guess is that no one at MS would have direct access to the key, and very very few would have access to a computer that signs the xbes and then put them onto a disk to be sent back to printers

the key is elegantly simple, and nigh impossible to crack

heres the deal, 2 numbers are multiplied together to make this number

20740119327258723760276023509063017138455993606274883526731955113241109007354362374128996096291046353572306742110305456946824862203867115042369878729703475765112280167498189046437794602966168812419423365196979669431929588951126804648743029387833666031765734337165949634731375592471670294246180877815104812674626967450097045005117546657068700545263064105024888769118032059917845867653040419404003684559882509195398630922824050405379620513589699993980205694266973236095772153476388267418476533663512746243310317853861946430053072890502949319703765023792161144942611323629444409600173894963797156859916567288947565058003

find those 2 numbers and you can start signing xbes

this is the key for xbox, not 360, i dont think we know even the public key for 360 yet

Is that the real number or did you just make that up? I know that modern cryptography is based on the multiplication of two very very large prime numbers. Thats why primes are so important. I think that what is needed is someone to come up with a precise mathematical formula for predicting primes, and then we could really get things done.

I once had some thoughts on how we could find patterns in primes but i'm sure people have already thought of this. It has to do with encoding numbers into different bases, base-1 base-2 base-3 etc.. But instead only using the bases of the primes 2^n 3^n 5^n 7^n etc... Using this and comparing the first few multiples of primes in the different bases perhaps a pattern could be found that would speak for the rest of the primes. Then you would take a guess at the prime numbers by first looking at the length of the signature, picking a prime less than half the length of the signature and multiplying the prime by a length that is roughly half or longer, and comparing that to the answer for example for take a number of 100 bits in length, pick a prime that is less than 50 bits in length and multiply it by a certain prime such that it comes up to 100 bits in length, and you would find your most likely candidates. It would help by reducing the number by half that you need to calculate etc....

I don't know if I made any sense, but if I didn't just ignore what I said.

RadisH · « **Reply #5 on:** December 04, 2005, 02:13:00 PM »

in theory there is a possibility to find that "secure-key"? i think yes, but for find that we need year and year of calculator work.

but is some one make a tool like seti@home to use more pc linked around the world to find the key?
is possible? why not create a develop team to create that program?

crystalgeek · « **Reply #6 on:** December 04, 2005, 02:24:00 PM »

10370059663629361880138011754532

and 2

there we go sorted lol

just pasted into calculator and divided by two althou my machine freaked for bout half hour when i hit paste

CattyKid · « **Reply #7 on:** December 04, 2005, 04:11:00 PM »

Well, thanks, that actually helped me understand it much better. I appreciate it, guys, especially you, lordvader129.

Well, time for an Xbox SetiProject!

82ross · « **Reply #8 on:** December 04, 2005, 04:33:00 PM »

QUOTE(RadisH @ Dec 4 2005, 09:20 PM)

in theory there is a possibility to find that "secure-key"? i think yes, but for find that we need year and year of calculator work.

but is some one make a tool like seti@home to use more pc linked around the world to find the key?
is possible? why not create a develop team to create that program?

There was one. It was even ported to the xbox itself so it could try and crack itself. I cant remember what it was called exactly Operation Project X i think.

gjm · « **Reply #9 on:** December 04, 2005, 04:35:00 PM »

I don't know the specifics of how xbox security is implemented but i'm sure it's based on public-key cryptography, running a search on that in google will give you some good stuff to read about to understand why you cant get the private key off a game disk..

It should not be computationally feasible to deduce the private key, given the corresponding public key, that's the idea behind public key cryptography..

And yeah MS must keep their private key very closely guarded otherwise i'm sure somebody would leak it

ugo · « **Reply #10 on:** December 05, 2005, 01:39:00 AM »

It looks like they restarted the project in 2003, but their site is currently down.

http://sourceforge.net/projects/opx/

RadisH · « **Reply #11 on:** December 05, 2005, 03:05:00 AM »

QUOTE

The goal of Operation Project X is to crack the 2048-bit RSA private encryption key MS uses to sign Xbox media, by using distributed computing. This key could be used by Xbox owners to run homebrew code on their machines

wow!

for xbox360 there is same project?
i think with the hype around the xbox360 if someone now open-release that program for x360 here the 99% of xbox-scene users start on his pc that programs!

InterestedHacker · « **Reply #12 on:** December 05, 2005, 03:16:00 AM »

QUOTE(crystalgeek @ Dec 4 2005, 11:31 PM)

10370059663629361880138011754532

and 2

there we go sorted lol

just pasted into calculator and divided by two althou my machine freaked for bout half hour when i hit paste

ROFLMFAO! Wondered how long it would be before someone posted something like that...

crystalgeek · « **Reply #13 on:** December 05, 2005, 11:07:00 AM »

QUOTE(InterestedHacker @ Dec 5 2005, 10:23 AM)

ROFLMFAO! Wondered how long it would be before someone posted something like that...

lol all jokes aside would it not be easier to write a simple script to figure out all the multiples of the public key and then to test them?

heres how i see the program written

N defined as 1
Public key = P
A = Number

divide P by 1 print results to "test.txt"
define A as N+N

"Divide P by A print results to "test.txt" check if whole number.
>If no Delete
>If yes Keep
then Redefine A as A + N"

Repeat all in " " till A = P

in effect dividing the public key up by every number up untill itself and saving the results, checking if it is a whole number to give al the multiples of P in effect all the possibillities of the Private Key right?

and I dont know hpow you would test each of these possibillities

but would that not work to find all the possibillities?

I'm no coder but it seems like it would work to me.....

BluhDeBluh · « **Reply #14 on:** December 05, 2005, 11:58:00 AM »

You're underestimating the sheer amount of numbers involved.

Whatsmore, it's 2 or more primes.

Author Topic: Why Can't We Get A Digital Signature? (Read 751 times)