Well the next hack meeting from this site will hopefully have MPH sitting with us and hoppefully we can put all our ideas together and finally screw sony over......

__________________

As far as I know it's not exactly a matter of cracking the 2.5 encryption (tho yes for the most part you have exactly the right idea) but instead it is a matter of cracking the PSP hardware encryption. (so I'm lead to believe but I won't say for certain that this is the case)

What that means is the encryption is hard-coded into the actual processing chips inside the PSP itself and to crack it you would need an EXTREME'LY experienced, (i.e. a professional and probably well paid) hardware reverse-engineer who could use incredibly expensive tools to open up the PSP and examine the chips to try and find the encryption process/algorithm.

As you may guess, this is a very big and probably very expensive job However if the encryption algorithm is discovered then (and you were indeed right about this) there is absoloutly NO way of stopping homebrew applications because if you encrypt them properly using the algorithm then the PSP wont be able to tell a Homebrew firmware update from a Sony firmware update. (the only possible 'fix' for this is to give all new PSP's a different encryption algorithm)

This is also why I tell people that trying to do a fake firmware update is not possible without encrypting the new firmware properly. (or more likely, generating a special validation key that matches the new firmware files)


As I said earlier tho I'm not 100% sure if that's how it works or not but I imagine it's very close.

Shambler, it's not going to work. The code in the chips is the PUBLIC key, and that's never going to "reveal" the private key used to sign the software itself.
The PRIVATE key is held at Sony HQ in Japan.
Attempting to brute-force is also going to lead nowhere, even if you had a million computers trying to brute-force the key, you'd still be dead from old age before it's found. Even the 12 year-olds on here would be dead from old age.
Asymmetric encryption. Google it.

Oh yes I'm aware brute-forcing it is practically impossible

As I said in my last post, I'm not entirely sure how it works (but at least I know I was partly right about it now) and I don't know a great deal about cryptography etc. tho I will google what you mentioned,
Thanks.

Ok, read up on that...interesting.

Is there any place where I can get more information on how the PSP encryption works? (i.e. details such as...are firmware updates themselves encrypted or is there just a validation key in the update file header etc.)

The games are signed/encrypted using the private key.
They can then only be decrypted/verified using the public key loaded into the PSP. If it's not "verified" as being signed by the private key, then you get the infamous "corrupted file" error or in the case of GTA and 2.0 games like it, the F-error when running a version changer against a UMD or ISO.

That's all PSP exploits do. Allow unsigned code to run.

Thanks you for saying that iball. Some people just don't get it!

It's quite common knowledge I picked up by reading a LOT of posts on a lot of different forums, performing my own "experiments" to confirm my findings, and not asking stupid questions that have been:
"I object! Asked and answered, your honor!"

Thanks for the info!