gbadev.org forum archive

This is a read-only mirror of the content originally found on forum.gbadev.org (now offline), salvaged from Wayback Machine copies. A new forum can be found here.

DS development > Instant Cartridge swapping?

#62503 - Dwedit - Thu Dec 01, 2005 4:57 pm

Has anyone tried to make a device which consists of two DS cartridge slots, and allows one to swap which cartridge is in the slot by pressing a button? I'm not familiar with DS hardware, but would something like that potentially allow running of unsigned code?
_________________
"We are merely sprites that dance at the beck and call of our button pressing overlord."

#62507 - dovoto - Thu Dec 01, 2005 6:04 pm

DS carts are not signed. They are encrypted on a per cart basis. Swapping carts would not be helpful in overcoming this.
_________________
www.drunkencoders.com

#62518 - Dwedit - Thu Dec 01, 2005 8:01 pm

Is the cartridge itself encrypted, or just the files within? Otherwise how would those rom dumpers work?
_________________
"We are merely sprites that dance at the beck and call of our button pressing overlord."

#62526 - tepples - Thu Dec 01, 2005 8:56 pm

dovoto wrote:
They are encrypted on a per cart basis.

Wasn't the encryption found to be a stream cipher, which is simply XOR'd with the cleartext? In that case, you could possibly get cleartext by running two identical DS Game Cards in parallel and repeatedly reading from a known zeroed portion of the second card, allowing you to XOR out and replace the cleartext, resulting in running homebrew code.
_________________
-- Where is he?
-- Who?
-- You know, the human.
-- I think he moved to Tilwick.

#62535 - dovoto - Thu Dec 01, 2005 11:08 pm

Per cart, as in they use a different cypher key based in part on values from the game's header and in part on values from low bios -- which are then used to drive several cascaded linear feedback shift registers which do some xor'ing of data. If the method you speak of would defeat this scheme then yes.

I know next to nothing about encryption :)
_________________
www.drunkencoders.com

#62537 - tepples - Thu Dec 01, 2005 11:22 pm

dovoto wrote:
Per cart, as in they use a different cypher key based in part on values from the game's header

Which will be identical in identical carts, right?

Quote:
and in part on values from low bios

And on values from the RTC, which will be identical when you boot both cards on the same machine at the same second.

Quote:
which are then used to drive several cascaded linear feedback shift registers which do some xor'ing of data.

Which, if the LFSRs are producing identical cipher streams, opens up some cryptanalytic attacks.
_________________
-- Where is he?
-- Who?
-- You know, the human.
-- I think he moved to Tilwick.
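
The keystream-reuse property discussed in the posts above, as an added example that is not part of the thread and is not the DS Game Card cipher: a toy pair of cascaded LFSRs shows that when every seeding input repeats, XORing a read with a read of a known-zero region cancels the keystream, and that changing one input removes the effect. The taps, widths, SHA-256 seeding and all sample values are assumptions constructed for illustration.

```python
import hashlib

class LFSR:
    """Fibonacci LFSR; taps and widths below are constructed for illustration."""
    def __init__(self, seed, taps, width):
        self.taps, self.width = taps, width
        self.state = (seed & ((1 << width) - 1)) or 1  # all-zero state would lock up

    def step(self):
        fb = 0
        for t in self.taps:
            fb ^= (self.state >> t) & 1
        self.state = (self.state >> 1) | (fb << (self.width - 1))
        return self.state & 1

def keystream(header, bios_value, rtc_second, n):
    """n bytes from two cascaded LFSRs seeded only by the three session inputs."""
    seed = hashlib.sha256(header + bios_value + rtc_second.to_bytes(4, "little")).digest()
    a = LFSR(int.from_bytes(seed[:4], "little"), (0, 2, 3, 5), 16)
    b = LFSR(int.from_bytes(seed[4:8], "little"), (0, 3), 17)
    out = bytearray()
    for _ in range(n):
        byte = 0
        for _ in range(8):
            if a.step():          # cascade: register a decides whether b advances
                b.step()
            byte = (byte << 1) | (b.state & 1)
        out.append(byte)
    return bytes(out)

def xor(x, y):
    return bytes(p ^ q for p, q in zip(x, y))

def demo():
    header, bios = b"CONSTRUCTED-HEADER", b"\x12\x34\x56\x78"  # constructed values
    secret = b"constructed cleartext region"
    zeros = bytes(len(secret))
    stream = lambda rtc: keystream(header, bios, rtc, len(secret))
    c_secret = xor(secret, stream(1000))   # read 1: unknown data
    c_zero = xor(zeros, stream(1000))      # read 2: zeroed region, same inputs
    c_fresh = xor(zeros, stream(1001))     # read 3: one seeding input changed
    return secret, xor(c_secret, c_zero), xor(c_secret, c_fresh)

if __name__ == "__main__":
    secret, reused, fresh = demo()
    print("same inputs :", reused)   # equals the cleartext: keystream cancelled
    print("fresh input :", fresh)    # unrelated bytes: nothing cancels
```

For a designer the takeaway is that a stream cipher seeded only from repeatable values gives no confidentiality across sessions; an unpredictable per-session value has to enter the seed.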

#62543 - dovoto - Fri Dec 02, 2005 12:28 am

Ahh...interesting stuff and thanks for the link...good luck with it :)
_________________
www.drunkencoders.com