Eboot Execution for 2.00 FW

[Adduc]

I'm not a coder in the PSP community, so I don't possess the knowledge that you developers do, but I've got a question concerning the way EBOOTs are loaded.

Around August, when people were still actively trying to hack FW 1.5x to run homebrew, I read somewhere that in the 1.5x firmware and up the PSP checks for authenticated keys in the EBOOT before it executes any code. At the time, they couldn't crack the code because code needed to be run first to be able to find the code using brute force cracking. It was my understanding that the code was either 64 or 128 bit encoded.

Now that 2.0 has been hacked, could it be possible to run the code to figure the key? Would that key theoretically allow complete use of the 2.0 firmware to the extent that 1.0 and 1.5 has?

If this is a misconception, please take the time to correct me. I'd like to know what the encrpytion and security is.

Thank you.

[IndianCheese]

2.00 has NOT been hacked; an alternate, non-EBOOT-running exploit (the TIFF overflow) has been found. Fanjita has created a program with the TIFF overflow that plays EBOOTs.

The 1.51 and 1.52 security must check the EBOOT for some things, but it is not known to non-Sony employees what it is. The only thing we know is that it is only found in update EBOOTs.

The update EBOOTs may contain a Sony "key" that enables the program to run. They may require a DATA.PSAR (the actual update data) to be present within the EBOOT. Or, a combination of the both. Hackers, however, have given up on hacking 1.51 and 1.52 firmwares because of the ability to easily update to 2.00 and downgrade to 1.50.

Which is what you should do if you have 1.51 or 1.52.