RetroFreak ROM encryption?

duiz
Posts: 8
Joined: Sat Dec 23, 2017 3:42 am

RetroFreak ROM encryption?

Post by duiz » Mon Jan 29, 2018 1:14 pm

I've been playing around with the RetroFreak, and noticed it has the option to dump the games into .nes files on the minisd. However, it seems the games become encrypted when dumped, which is inconvenient since I wanna compare my protos and such between MESEN and other more accurate emulators to spot proper differences.

Anyone have any clue what exactly RF does to the ROM?

MottZilla
Posts: 2832
Joined: Wed Dec 06, 2006 8:18 pm

Re: RetroFreak ROM encryption?

Post by MottZilla » Mon Jan 29, 2018 3:02 pm

Did you check to see if they were compressed? Maybe it ZIPs the ROMs to save on file space.

duiz
Posts: 8
Joined: Sat Dec 23, 2017 3:42 am

Re: RetroFreak ROM encryption?

Post by duiz » Mon Jan 29, 2018 5:06 pm

I doubt it. The size is the exact same as a No-Intro dump.

Compare the HEX from the RF dump and a No-Intro dump:

Image

Image

MottZilla
Posts: 2832
Joined: Wed Dec 06, 2006 8:18 pm

Re: RetroFreak ROM encryption?

Post by MottZilla » Mon Jan 29, 2018 10:07 pm

If you made enough dumps to compare it could help someone figure out what is going on perhaps. A quick Google search suggests to me that each console has some sort of ID number so that you can't share dumped games with other RF consoles or use them on other devices. So that number is probably used as some sort of encryption key. They say that you can run downloaded ROM files which makes this very odd. Why stop people from dumping their own cartridges and doing what they want with the data but at the same time allow them to download games and put them on the SD card? It would make more sense to me if they didn't allow that and only played their encrypted/protected ROM files.

Maybe if you look around enough or someone here will be able to tell you exactly what it is doing. There may be better ways of dumping games you should look into.

tepples
Posts: 21875
Joined: Sun Sep 19, 2004 11:12 pm
Location: NE Indiana, USA (NTSC)

Re: RetroFreak ROM encryption?

Post by tepples » Mon Jan 29, 2018 10:49 pm

Perhaps their lawyers considered it more of a risk to let the user dump a cartridge and release it to the Internet than to let the user play something he might have a license for, such as a ROM downloaded from Itch or GitHub or PDRoms or NESdev or the homebrew section of RomHacking.net.

duiz
Posts: 8
Joined: Sat Dec 23, 2017 3:42 am

Re: RetroFreak ROM encryption?

Post by duiz » Tue Jan 30, 2018 9:57 am

MottZilla wrote:
> If you made enough dumps to compare it could help someone figure out what is going on perhaps. A quick Google search suggests to me that each console has some sort of ID number so that you can't share dumped games with other RF consoles or use them on other devices. So that number is probably used as some sort of encryption key. They say that you can run downloaded ROM files which makes this very odd. Why stop people from dumping their own cartridges and doing what they want with the data but at the same time allow them to download games and put them on the SD card? It would make more sense to me if they didn't allow that and only played their encrypted/protected ROM files.
>
> Maybe if you look around enough or someone here will be able to tell you exactly what it is doing. There may be better ways of dumping games you should look into.

I do have a Kazzo but it has issues with some cartridges due to voltage and batteries etc. Newer Famicom releases also don't really respond well to Kazzo. My European protos also don't seem to take a liking to it.

Interesting about the RF using an ID number. I guess there is no way to undo the encryption.

MottZilla
Posts: 2832
Joined: Wed Dec 06, 2006 8:18 pm

Re: RetroFreak ROM encryption?

Post by MottZilla » Tue Jan 30, 2018 5:03 pm

Of course there is a way to undo it. If there wasn't then the RF itself couldn't play those games. The encryption or scrambling could be really simple. If someone extracts the firmware/software of the RF they could figure out what's going on that way.

One way to dump prototypes if they are using socketed EPROMs would just be to get an EPROM programmer and dump them that way. Just be careful not to break any chip legs.

duiz
Posts: 8
Joined: Sat Dec 23, 2017 3:42 am

Re: RetroFreak ROM encryption?

Post by duiz » Tue Jan 30, 2018 7:54 pm

I think RetroFreak provides their source files on their website. Dunno if it includes the dumper source though.

http://www.cybergadget.co.jp/assets/fil ... 151031.zip

MottZilla
Posts: 2832
Joined: Wed Dec 06, 2006 8:18 pm

Re: RetroFreak ROM encryption?

Post by MottZilla » Wed Jan 31, 2018 11:48 am

I didn't look through everything but a quick look doesn't turn up anything obviously about their ROM protection. Maybe if you dig deeper into it. But I don't see why they would create such a protection and then include the source code to how it works.

duiz
Posts: 8
Joined: Sat Dec 23, 2017 3:42 am

Re: RetroFreak ROM encryption?

Post by duiz » Thu Feb 01, 2018 4:30 am

I took a look around and apparently there does exist some sort of jailbreak that allows for proper dumping (as well as other apk installations, so the thing definitely runs just emulators via ARM).

https://github.com/hissorii/retrofd

Not sure how all this works, but at least it is possible.

lidnariq
Posts: 9127
Joined: Sun Apr 13, 2008 11:12 am
Location: Seattle

Re: RetroFreak ROM encryption?

Post by lidnariq » Thu Feb 01, 2018 11:02 am

I'd arbitrarily guess the encryption might be vulnerable to some sort of known-plaintext attack... most of the things I've looked at recently aren't using real encryption, despite being on a PC.

DrWho198
Posts: 25
Joined: Mon Feb 23, 2015 8:05 pm

Re: RetroFreak ROM encryption?

Post by DrWho198 » Wed Feb 07, 2018 2:23 am

It's hard if you do not have the encrypted data together with the name/rom of the game it should be. But if you look at it like this then I expect a simple encryption to be used. However I also expect them to use their own header as the file starts with RF which probably stands for Retro Freak.
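
An added example, not part of any post in this thread and not RetroFreak code: it shows why a short repeating XOR pad is not real encryption once a matched plaintext/scrambled pair of the same length is available, as the last two posts discuss. It assumes nothing about what the RetroFreak actually does; the sample data, pad and helper names are constructed for illustration.

```python
import hashlib
from typing import Optional

def xor_difference(plain: bytes, scrambled: bytes) -> bytes:
    """XOR a known-good dump against the scrambled dump of the same game."""
    if len(plain) != len(scrambled):
        raise ValueError("dumps must be the same length")
    return bytes(p ^ s for p, s in zip(plain, scrambled))

def smallest_period(stream: bytes, max_period: int = 4096) -> Optional[int]:
    """Smallest p with stream[i] == stream[i + p] for every i, or None."""
    for p in range(1, min(max_period, len(stream) // 2) + 1):
        if stream[p:] == stream[:-p]:
            return p
    return None

def classify(plain: bytes, scrambled: bytes) -> dict:
    """Report whether the difference is a short repeating pad."""
    diff = xor_difference(plain, scrambled)
    period = smallest_period(diff)
    if period is None:
        return {"kind": "no short repeating XOR pad", "pad": None}
    return {"kind": "repeating XOR pad", "pad": diff[:period]}

# --- constructed sample data (not taken from any real dump) ---
SAMPLE_PLAIN = b"NES\x1a" + bytes(range(256)) * 8
SAMPLE_PAD = bytes.fromhex("5ac3117e09")  # hypothetical 5-byte pad

def xor_with_pad(data: bytes, pad: bytes) -> bytes:
    return bytes(b ^ pad[i % len(pad)] for i, b in enumerate(data))

def hash_stream(n: int, seed: bytes = b"constructed") -> bytes:
    """Stand-in for a proper keystream: SHA-256 in counter mode."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]

WEAK = xor_with_pad(SAMPLE_PLAIN, SAMPLE_PAD)
STRONGER = xor_difference(SAMPLE_PLAIN, hash_stream(len(SAMPLE_PLAIN)))

if __name__ == "__main__":
    print(classify(SAMPLE_PLAIN, WEAK))      # pad is recovered from one pair
    print(classify(SAMPLE_PLAIN, STRONGER))  # no short period to find
```

A scheme that falls into the first category gives no protection against anyone holding one matching pair; a scheme in the second category needs the key or the firmware to understand.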
