RetroFreak ROM encryption?

duiz
Posts: 9
Joined: Sat Dec 23, 2017 3:42 am

RetroFreak ROM encryption?

Post by duiz »

I've been playing around with the RetroFreak, and noticed it has the option to dump the games into .nes files on the minisd. However, it seems the games become encrypted when dumped, which is inconvenient since I wanna compare my protos and such between MESEN and other more accurate emulators to spot proper differences.

Anyone have any clue what exactly RF does to the ROM?
MottZilla
Posts: 2837
Joined: Wed Dec 06, 2006 8:18 pm

Re: RetroFreak ROM encryption?

Post by MottZilla »

Did you check to see if they were compressed? Maybe it ZIPs the ROMs to save on file space.
duiz
Posts: 9
Joined: Sat Dec 23, 2017 3:42 am

Re: RetroFreak ROM encryption?

Post by duiz »

I doubt it. The size is the exact same as a No-Intro dump

Compare the HEX from the RF dump and a No-Intro dump
MottZilla
Posts: 2837
Joined: Wed Dec 06, 2006 8:18 pm

Re: RetroFreak ROM encryption?

Post by MottZilla »

If you made enough dumps to compare it could help someone figure out what is going on perhaps. A quick Google search suggests to me that each console has some sort of ID number so that you can't share dumped games with other RF consoles or use them on other devices. So that number is probably used as some sort of encryption key. They say that you can run downloaded ROM files which makes this very odd. Why stop people from dumping their own cartridges and doing what they want with the data but at the same time allow them to download games and put them on the SD card. It would make more sense to me if they didn't allow that and only played their encrypted/protected ROM files.

Maybe if you look around enough or someone here will be able to tell you exactly what it is doing. There may be better ways of dumping games you should look into.
tepples
Posts: 22705
Joined: Sun Sep 19, 2004 11:12 pm
Location: NE Indiana, USA (NTSC)

Re: RetroFreak ROM encryption?

Post by tepples »

Perhaps their lawyers considered it more of a risk to let the user dump a cartridge and release it to the Internet than to let the user play something he might have a license for, such as a ROM downloaded from Itch or GitHub or PDRoms or NESdev or the homebrew section of RomHacking.net.
duiz
Posts: 9
Joined: Sat Dec 23, 2017 3:42 am

Re: RetroFreak ROM encryption?

Post by duiz »

MottZilla wrote: If you made enough dumps to compare it could help someone figure out what is going on perhaps. A quick Google search suggests to me that each console has some sort of ID number so that you can't share dumped games with other RF consoles or use them on other devices. So that number is probably used as some sort of encryption key. They say that you can run downloaded ROM files which makes this very odd. Why stop people from dumping their own cartridges and doing what they want with the data but at the same time allow them to download games and put them on the SD card. It would make more sense to me if they didn't allow that and only played their encrypted/protected ROM files.

Maybe if you look around enough or someone here will be able to tell you exactly what it is doing. There may be better ways of dumping games you should look into.

I do have a Kazzo but it has issues with some cartridges due to voltage and batteries etc. Newer Famicom releases also don't really respond well to Kazzo. My European protos also don't seem to take a liking to it.

Interesting about the RF using an ID number. I guess there is no way to undo the encryption.
MottZilla
Posts: 2837
Joined: Wed Dec 06, 2006 8:18 pm

Re: RetroFreak ROM encryption?

Post by MottZilla »

Of course there is a way to undo it. If there wasn't then the RF itself couldn't play those games. The encryption or scrambling could be really simple. If someone extracts the firmware/software of the RF they could figure out what's going on that way.

One way to dump prototypes if they are using socketed EPROMs would just be to get an EPROM programmer and dump them that way. Just be careful not to break any chip legs.
duiz
Posts: 9
Joined: Sat Dec 23, 2017 3:42 am

Re: RetroFreak ROM encryption?

Post by duiz »

I think RetroFreak provides their source files on their website. Dunno if it includes the dumper source though

http://www.cybergadget.co.jp/assets/fil ... 151031.zip
MottZilla
Posts: 2837
Joined: Wed Dec 06, 2006 8:18 pm

Re: RetroFreak ROM encryption?

Post by MottZilla »

I didn't look through everything but a quick look doesn't turn up anything obviously about their ROM protection. Maybe if you dig deeper into it. But I don't see why they would create such a protection and then include the source code to how it works.
duiz
Posts: 9
Joined: Sat Dec 23, 2017 3:42 am

Re: RetroFreak ROM encryption?

Post by duiz »

I took a look around and apparently there does exist some sort of jailbreak that allows for proper dumping (as well as other apk installations, so the thing definitely runs just emulators via ARM).

https://github.com/hissorii/retrofd

Not sure how all this works, but at least it is possible.
lidnariq
Posts: 11429
Joined: Sun Apr 13, 2008 11:12 am

Re: RetroFreak ROM encryption?

Post by lidnariq »

I'd arbitrarily guess the encryption might be vulnerable to some sort of known-plaintext attack... most of the things I've looked at recently aren't using real encryption, despite being on a PC.
DrWho198
Posts: 28
Joined: Mon Feb 23, 2015 8:05 pm

Re: RetroFreak ROM encryption?

Post by DrWho198 »

It's hard if you do not have the encrypted data together with the name/rom of the game it should be. But if you look at it like this then I expect a simple encryption to be used. However I also expect them to use their own header as the file starts with RF which probably stands for Retro Freak.
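
The known-plaintext comparison raised by lidnariq and DrWho198, as an added example that is not part of the thread and does not describe RetroFreak's actual scheme (which the thread never establishes): given a reference dump and a scrambled copy of the same length, it checks whether the difference is a short repeating XOR key or an aperiodic keystream. The sample data, `DEVICE_ID` and both scramblers are constructed for illustration.

```python
import hashlib
from itertools import cycle

def keystream(plain: bytes, obfuscated: bytes) -> bytes:
    """XOR a known plaintext against its obfuscated copy, byte for byte."""
    if len(plain) != len(obfuscated):
        raise ValueError("dumps differ in length; not a byte-for-byte transform")
    return bytes(p ^ o for p, o in zip(plain, obfuscated))

def shortest_period(stream: bytes, max_period: int = 256):
    """Smallest p with stream[i] == stream[i - p] for every i >= p, else None."""
    for p in range(1, min(max_period, len(stream) // 2) + 1):
        if all(stream[i] == stream[i - p] for i in range(p, len(stream))):
            return p
    return None

def classify(plain: bytes, obfuscated: bytes):
    """Return the repeating XOR key if one explains the pair, else None."""
    ks = keystream(plain, obfuscated)
    p = shortest_period(ks)
    return ks[:p] if p else None

# Constructed sample data (not taken from any real dump or device).
PLAIN = b"NES\x1a" + bytes(range(256)) * 4   # stand-in for a reference dump
DEVICE_ID = b"\x13\x37\xc0\xde\x42"          # hypothetical per-console value

def xor_scramble(data: bytes, key: bytes) -> bytes:
    """Fixed-key repeating XOR: the 'not real encryption' case."""
    return bytes(b ^ k for b, k in zip(data, cycle(key)))

def hash_ctr(data: bytes, key: bytes) -> bytes:
    """Keystream from SHA-256 in counter mode, for contrast (not a vetted cipher)."""
    out = bytearray()
    ctr = 0
    while len(out) < len(data):
        out += hashlib.sha256(key + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return bytes(b ^ k for b, k in zip(data, out))

WEAK = xor_scramble(PLAIN, DEVICE_ID)
STRONGER = hash_ctr(PLAIN, DEVICE_ID)

if __name__ == "__main__":
    print("repeating-XOR key:", classify(PLAIN, WEAK))
    print("hash-CTR keystream:", classify(PLAIN, STRONGER))
```

A `None` result only rules out a short repeating key; a keystream that is reused unchanged across files is still exposed by a single known plaintext.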