Flux RSS

How to fail encryption, part 2

One of the very first post I've made was talking about encryption, and how to fail it. Okay, that was a very easy encryption, but the base principles remain the same: don't be stupid, aka, know what you're doing. Well, I'm joining the bandwagon here, but it seems Sony's programmers didn't really try to understand their crypto handbook, and implemented it without really knowing what they were doing. As a result, all of the private keys for the PSP and the PS3 (including the one hardcoded in the CPU die) are leaking with simply two signatures made with them.

Good job, really.

Source: fail0verflow