Signing xbox360 executables

[AssertFalse]

Is it already known what kind of algorithm MS uses for signing xbox360 executables? Would it be enough to "just crack" the public key (assuming it's RSA or anything similar) to be able to sign and run anything? Or are there any other issues involved (like for example unknown DVD format)?

Thanks

[SiliconIce]

The whole point of signatures is that they are chosen to be very difficult (read: infeasible) to attack in a reasonable amount of time.

[AssertFalse]

Yes, I'm very well aware of that. But assuming one would break the public key, would it be enough to run anything?
I ask because I remember some (rather lame) attempts to hack xbox1 by breaking the public key and I wonder if the method still applies.

[AceMilo]

It would take millions upon millions of computer hours to crack the private key.  The public key can be obtained fairly easily, but that is only used to verify the private key.  The executables are signed with the private key, you cannot sign anything with the public key.  Brute forcing the private key would be a complete waste of time.

[Arakon]

at this point, unless it's cause of a leak or an insanely lucky shot, it's not gonna be cracked.
if it was, any discussion about modchips would be moot, since being able to make your own signed executables would basically circumvent all protection.

[theiz]

Read this for a brief description:
http://www.microsoft.com/downloads/details.aspx?FamilyID=83f3c2d1-ced6-473e-9cbe-723ca1f0267d&displaylang=en

[swolsten]

Yes, I'm very well aware of that. But assuming one would break the public key, would it be enough to run anything?
I ask because I remember some (rather lame) attempts to hack xbox1 by breaking the public key and I wonder if the method still applies.

Anything encrypted with the public key can only be decrypted with the private key and vise versa. So if we did encryt with the 360 public key the only person able to decrupt it would be Bill himself 

[TheAntiCol]

It would be easier and cheaper to hire your own private army, storm the microsoft building and take the key by force, than it would be to crack the key.

Damn, if only everybody lived in my little world this would be a real possibility.

A leak from MS is also fairly unlikely since the machine that does the signing is probably locked up in a vault and connected to a private network that only one or two people have access to. Perhaps we could employ the services of Ethan Hunt, I wounder how expensive that would be?

Seriously though there is probably several machines that store the private key, but all but one will be stored in high security, fire proof vaults at seperate locations. The machine that does the signing, will probably also be stored in some kind of fire proof vault but one or two MS employees will have access to it, these will basically be the people who authorise and sign off on games. This computer is probably only accessable over a private network i.e. no physical access and the signing process will be designed so that no one person is entirely responsible, not even Bill himself.

[alou]

This whole chapter was very well explained here.
Reading through will get this definately out of your mind and give a better picture of how things work.

[AssertFalse]

Thanks Alou! This is exactly what i wanted to know.

So... Having all the numbers I think I might give it a try
(and yeah, I know it's for xbox1, but you have to start from something  )