![Huh? ???](https://forums.xboxscene.org/Smileys/xs/huh.gif)
?
RiceCake. You don't get it right now, he?! I try to explain more. Even for me it's difficult to understand.....
The problem is NOT the MS signing with the private MS key itself.
We don't have it, and even don't need it with those method.
MS signed only the HEADER info of a program file. The header describes
which version, date, where from the program may boot from (DVD, HDD etc.), regio(s) and the main user-HASH. this userhash is needed to decrypt the data inside the program; packed within sections.
We just don't do the known way; patch the header, because then we must resign with the MS key, which we don't have.
because of this, we need to start with an MS_signed.xbe program, wich includes ALL_Regions and Load_from_HDD at least. Those are easy to found (MSdash.xbe, xboxonline.xbe for instance, etc.)
The programcode into the sections itself is SHA-1 hashed with the userkey.
The MS key isn't important anymore for this! That's important to understand!
So, when we alter programcode in one of those sections; WITH exactly the same length in bytes as the original part, then we could place it right there instead....
But the biggest problem there is; that those part is checked with SHA-1 userkey.
And because we changed code; the calculated HASH is NOT ok anymore,.... BUT:
It seems that with computing algoritmes the same HASH could be reproduced using OTHER DATA as the ORIGINAL DATA. This is possible, because it's possible to calculate so called collisions. Better to know; The calculated HASH shouldn't even been 100% ok as the original, because not all bits are checked with the protocol!
And those last part is the most important to know and understand!
At this knowledge it's in practice much more easyer to find a collision HASH, which would be Verified as OK by MS kernal.
So i hope this clears the fuss about this a bit
![blink.gif](http://forums.xboxscene.org/html/emoticons/blink.gif)