Palladium cracked on the 'new' Xbox

Palladium cracked on the 'new' Xbox

Actually, their only goal was to provide Microsoft's XBox with Linux as the operating system. Microsoft countered with version 1.1 of the Xbox, in which the boot loader section is 'nailed down' in the ROM with a digital signature and the resulting checksum. But is this first implementation of Palladium safe?

If it were up to Andy Green, the hardware specialist of the Linux crew, a follow-up hack to version 1.1 of the Xbox could even pose a threat to Palladium. The Tiny Encryption Algorithm (TEA), which is used in the palladium-like structure, is of particular importance because the cyrto expert Franz Lehner discovered a researcher's message in the sci.crypt newsgroup on Usenet who pointed to weaknesses in this architecture indicates.

'The thing has a blind spot. It produces the same results with different inputs and thus acted as a kind of super hash'.

Now the developers only had to exploit this gap for their Linux project and they found it. Using a JUMP command in the checksum, the Linux start program could be executed from the RAM again with a few tricks. Two bits ensured that Microsoft's million dollar project was virtually useless. After this 'success', Green sees little future or hope for Microsoft's Palladium applications, which, according to Microsoft's plans, are to be used primarily for spam and copy protection. It should be relatively easy to bypass these protective mechanisms. The problem is well known: 'We only have to be lucky once, Microsoft the whole time,' said Andy Green. The Chaos Computer Club (CCC) had already discovered technical problems with the simultaneous use of Palladium and TCPA ( Heise reported ), which now coincide with Andy Green's experience. Unfortunately, this can always be the case between cryptography, hardware and softwarecomplications arise again.