It is our pleasure to announce a very important milestone in arcade conservation: the successful reverse engineering of Capcom’s CPS2 security programming. This is a major development, giving full hardware control of this popular platform over to the community and helping preservation by enabling the clean desuicide and restoration of any dead games without hardware modifications.
This achievement has been made possible thanks to the help, support and collaboration of many dedicated individuals who, just like you, have an altruistic passion for arcade games, their hardware, history and legacy. All the discoveries and results generated by this project will soon be shared publicly, free of charge.
Over the coming days the project will see a limited release to selected testers to help ensure maturity before the public disclosure happens.
WTF kind of alien tech did they HAVE back in the ’90s, that we have to reverse-engineer this stuff instead of doing the same thing a different way on more powerful and versatile hardware (with WAY more RAM, mind you) with no problem and without resorting to software emulation?
It’s called encryption, and Capcom used some sort of 64-bit ciphers to protect the ROMs from being hacked and copied. CPS2 had minor improvements over CPS1; the only major leap was the encryption and Capcom beating piracy of their arcade hardware.
This is great news and means we’re going to see modded CPS2 boards without battery suicide. Not only that, it could also mean better emulation of the CPS2 hardware.
The problem wasn’t power, it was not knowing how the security actually worked on a hardware level.
If you check out the CPS1 articles on that site, the process included removing the security chip from the board and etching away the plastic and metallic housing layers with acid, then examining the transistor layout with electron microscopes to reconstruct its functions, and finally using the existing MAME memory maps to reprogram the info into memory. No easy task!
The CPS1 solution just involves plugging an Arduino into the board to reflash it. I think that’s only necessary once per battery (~20 years I believe).
Cracking encryption is its own field of study, and there are ciphers that have yet to be broken, and they have been around for decades.
Like what Spirited_Away said, Capcom used some sort of 64-bit ciphers. If they went for one of the simpler methods, a substitution encryption, and the 64-bit cipher is your key or code word to clue you in on the cipher, you still have some 8 billion combinations to test and explore, and that is only with one very, very simple system of encryption. Some ciphers require 2 different keys, one for encryption and one for decryption.
If I am not mistaken, Capcom’s CPS2 has hardware-driven decryption, which takes less computational power than software-driven decryption.
I am only scratching the surface. The real meat and potatoes of what goes on is above even my head.
No mods; it doesn’t prevent suicide, it reverses it. A battery is still required but if the board dies, one can just replace the battery and put the keys back, just as Capcom did.