Not Playing Randomly: The Sony PS3 and Bitcoin Crypto Hacks

Watch those random-number generators

What is the most costly hack to fix? Ransomware? Malware? Nope! Many experts think it is a failure of the trust infrastructure, and where the private keys of an organisation are leaked. This can then compromise all the things that are signed by those keys, including documents and executables.

Imagine the case where Microsoft’s private keys were hacked, and where we could then not trust any piece of software (or hardware) that was signed by those keys. Intruders could create their own software (or hardware) and then sign it with a valid key. There would have to be large-scale revocation of software and hardware, and virtually everything which was associated with Microsoft’s private keys would have to be reinstalled.

An intruder could thus recreate software which is properly signed by the trusted private key. Often these private keys are stolen by an insider in the company, but there are cases where sloppy coding has opened up the keys to the world. This happened in the case of ECDSA, and where developers did not check the random numbers they were generating.

Sony PS3 hack

In 2010, the hacker group fail0Overflow demonstrated that they could break the security methods of the Sony PS3. They achieved recreating Sony’s private key, and then break the signatures on the hypervisor and on the signed executables.

The core problem related to a lack of randomisation in the generation of a randomisation factor used within the signing processing (ECDSA). They did this by reversing the public key of the signature to give the private key. In fact, there was no actual randomisation involved and the seed value stays the same for each signing.

The signature values (R,S) use a random value of k to make sure that the values will differ for the same private key and the same message. Unfortunately, the Sony developers did not randomise it.