Cool, very nice idea to brute both CID and Console ID. I had believed that it wouldn't be possible to brute one of them without knowing the other one.
But, do you really need both encrypt and decrypt? As far as I know, the first 32 bytes of the decrypted eMMC image should be all zeroes, and the encrypted image contains encrypted(IV) and encrypted(IV+1), XORed by those zeroes.
So I think you could simply ECB decrypt the first 32 bytes, and then check if the first 16 bytes (plus 1) are the same as the next 16 bytes. So, you'd only need the decrypt key, but not the encrypt key.
> EDIT: I should note, this is substantially slower.

Uh, what is slower than what?

> apparently you have to set both an encryption *and* decryption key??

Theoretically one could generate both keys at once - the problem might be that most ECB hardware/software libraries don't have separate memory slots for storing both keys.
Last edited by nocash123,
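The decrypt-only check described in the post, written out as an added example (not the poster's code and not from any real tool): it shows why all-zero plaintext under CTR turns the first 32 bytes of the image into a key-verification oracle that needs only the decrypt direction. It assumes a 16-byte AES key, a counter that is the whole 16-byte block incremented big-endian (what Go's crypto/cipher does; a hardware engine may count differently), and a constructed key and IV to build the sample image head.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// Constructed sample key and IV for this example only; not real console values.
var sampleKey = []byte("0123456789abcdef")
var sampleIV = []byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0xff}

// blockAdd adds n to a 16-byte block read as a big-endian counter (wraps mod 2^128).
func blockAdd(block []byte, n uint64) []byte {
	out := append([]byte(nil), block[:16]...)
	for i := 15; i >= 0 && n != 0; i-- {
		sum := uint64(out[i]) + (n & 0xff)
		out[i] = byte(sum)
		n = (n >> 8) + (sum >> 8)
	}
	return out
}

// makeImageHead stands in for the first 16*nblocks image bytes: CTR over zero plaintext, i.e. E(IV), E(IV+1), ...
func makeImageHead(key, iv []byte, nblocks int) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	out := make([]byte, 16*nblocks) // zero plaintext, encrypted in place
	cipher.NewCTR(blk, iv).XORKeyStream(out, out)
	return out, nil
}

// candidateMatches ECB-decrypts the first two ciphertext blocks and checks D(C0)+1 == D(C1).
func candidateMatches(key, head []byte) (bool, error) {
	if len(head) < 32 {
		return false, fmt.Errorf("need 32 bytes, got %d", len(head))
	}
	blk, err := aes.NewCipher(key)
	if err != nil {
		return false, err
	}
	var p0, p1 [16]byte
	blk.Decrypt(p0[:], head[:16])
	blk.Decrypt(p1[:], head[16:32])
	return bytes.Equal(blockAdd(p0[:], 1), p1[:]), nil
}
```

A wrong key passes this test only with probability about 2^-128, so the two-block check is enough to confirm a candidate without the encrypt key schedule.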