Nintendo has strong anti-piracy measures reportedly built into its latest console, the Switch.
According to a lengthy Reddit post by self-proclaimed console hacker SciresM, the Japanese game company is able to perfectly detect whether a digital copy of a game was legitimately purchased.
The post outlines how exactly Nintendo is able to detect this by breaking down four simple steps. The first is that the Switch console verifies it can connect to the internet. Once it verifies that, your console gets a device authorization token that allows it to go online. Following verification, the console authorizes the Nintendo account.
Finally, it obtains an application authorization token for the game.
Going online and verifying accounts
The first and third steps are relatively simple. For the first, verifying it can connect to the internet, the Switch console periodically connects to a server and checks for a special header message. If the header message is there, the console knows it can connect to the internet.
Verifying your Nintendo account is standard as well. The Switch uses the same standard process as any web login.
The one important thing to note, according to SciresM, is that this authentication method allows Nintendo to block specific accounts from online access. However, every request requires a client certificate, which means every account can be associated with a console and both can be banned accordingly.
This is because client certificates are unique to each device and are set at the factory. Each Switch also has TrustZone, a special security CPU core with a cryptography API that allows it to decrypt the client certificate.
Getting device authorization
The second step is when the Switch authorizes itself with Nintendo’s online service. It does so by connecting to a unique ‘Device Authorization’ (dauth) server. Unlike most authentication servers, dauth doesn’t authorize everything the Switch does. Instead, dauth hands out certification to specific parts of the system as specified by the client certificate.
The console initializes the process by connecting to dauth and informing the server what master key revision the console is using. Dauth sends a ‘challenge’ back, along with a string of data. Next the Switch uses the data string as a cryptographic key source and transforms it with TrustZone before slotting it into a specific key slot.
Once that’s done, the Switch generates authorization request data, comprised of the challenge string, client ID, master key and current system version information. The device also calculates a cipher-based message authentication code (CMAC) using the TrustZone key it created before and includes it with the request data.
Finally the console bundles the data together and sends it to dauth. If everything checks out, dauth returns an authentication token to the console. Users will received an error code if they have a banned console.
Authorizing the game
This piece of the puzzle is simple but is allegedly the strongest part of the security process. Nintendo has a similar server to dauth, the Application Authorization server (aauth). Consoles send the device authorization token and game certification to aauth. If everything checks out, aauth returns an application authorization token.
For physical copies of games — called gamecards — the unique certificate on the card authorizes it. Nintendo ‘signs’ gamecards encrypted information when created. Consoles send this certificate to aauth for approval when connecting online.
Digital games are a little more complex. Digital games are authorized by the console’s ticket, a sort of digital receipt attached to the console and account of the purchaser. SciresM has a detailed technical breakdown of the ticket, but the important details contained in the ticket are the Title ID of the game, the device ID of the console and the Nintendo account ID. Nintendo signs the tickets with an RSA-2048 encryption, which can’t be forged.
Consoles communicate with Nintendo’s tickets service to retrieve an encrypted copy of the relevant ticket along with the encryption key. This key is encrypted using RSA-OAEP 2048, which is essentially a one-way encryption that only Nintendo can reverse. In other words, even if you had the output you couldn’t work backwards to crack the encryption and decrypt the ticket.
It’s also important to note that consoles can send a “no certification” request if it fails to find a certificate. However SciresM says sending a request would result in a ban.
What this means for users
Needless to say, these anti-piracy measures are quite strong. As far as gamecards go, Nintendo can detect whether a user has data from a Nintendo-authorized gamecard for the title. Additionally, gamecard certificates include of unknown information and can be linked to Nintendo accounts. This means sharing a gamecard certificate is easily detectable.
When it comes to digital games, there’s very little pirates can do. No one can forge tickets to validate a game. Furthermore, Nintendo can verify the device ID in the ticket matches the device ID for the console authorization. According to SciresM, the system will ban users if those device IDs don’t match. The system can also check the account ID in the ticket against the Nintendo account authorization.
All this adds up to one thing: don’t pirate games. There is no way for pirates to have signed, authorized tickets for their consoles. Connecting to online services would result in an immediate ban. Considering one in eight Canadians pirated a movie or TV show in the last month, there may be quite a few game pirates as well.
SciresM also wrote that if he were to implement anti-piracy measures, he’d do it the same way Nintendo did.
Earlier this year, hacker group ‘Fail0verflow’ uncovered an unpatchable exploit with the Switch. The exploit allows users to install Linux on Switch consoles. There was concern regarding that the exploit would allow for piracy, but with the strict anti-piracy measures in place it’s unlikely that will be much of a problem.
However users are questioning how this will affect the rental and reselling market for old games. Some speculate that Nintendo won’t take action unless it sees a gamecard certificate used by multiple users simultaneously.
If you’re interested in the finer details, you can take a look at SciresM’s post here.