Capcom's Play System 2 Decryption Team.
The CPS-2 Encryption Information Page.

On this page we are going to give you the facts about the encryption used in CPS-2 games. There seem to be so many conflicting ideas going around that we feel this is needed. Before we start, here's a typical CPS-2 game board (Street Fighter Zero 2) with all the ROMs pointed out for you. We hope this gives you more insight into what we're talking about.
 
Main Game Board part side.

Every ROM socket on the game board has been assigned a number, and each socket holds a set ROM. In the CPS-2 dumps that have been made available you will see these numbers appended to the end of the filename. If you have a dumped set of CPS-2 ROMs and want to know which ROMs are which, look at this table.
 
01 - 02 :  Qsound data
03 - 10 :  Main Program Code
11 - 12 :  Sound Samples
13 - 20 :  Graphics Data

It's very easy and clear to see all the ROM socket numbers on the solder side of the game board as this image shows.
 
Main Game Board solder side.

Some games also have a sub board that attaches to the main game board (not all games use this). This board contains ROMs which are used to store graphics and sound samples. There are a few different types of sub board, but we will only show one to give you an idea of its layout.
 
Sub Board part side.

Finally, the solder side of the sub board. There is not a lot to see on this one, but for completeness we'll show you.
 
Sub Board solder side.

If you would like to take a closer look at the game board above, we have full size scans available for download at the following links.
 
               Game Board PCB part side (3,483kb)
 
               Game Board PCB solder side (3,645kb)
 
               Sub Game Board PCB part side (690kb)
 
               Sub Game Board PCB solder side (526kb)
 
 
Now let's look at the game board again, this time pointing out the parts mainly involved with the encryption.
 
Main Game Board part side.
 
01 :  S-RAM
02 :  JTAG Connector
03 :  Decryption Controller
04 :  Custom 68000 Processor
05 :  Logic Controllers
06 :  Lithium Battery

The lithium battery powers the three programmable logic controllers and the main decryption controller (also a PLC). The JTAG connector is used to program the logic devices for decryption, but once the battery loses power this data is lost (see the CPS Suicide page for more info). Attempts to read the logic devices have resulted in dead game boards.
 
Not all game boards have the JTAG connector (CN9); Capcom added it to a later revision of the game PCB. Earlier versions of the PCB use the edge connector (CN7), which allows programming in the same way.
 
93646B-3 :  CN8 counter connector middle left and no CN9.
93646B-4 :  CN8 counter connector top left and no CN9.
93646B-6 :  CN8 counter connector top left and register CN9.
93646B-7 :  CN8 counter connector top left and register CN9.

 
Now let's move on to the encryption itself. To explain this I have copied information from MAME (www.mame.net). All credit goes to Andreas Naive for breaking the encryption algorithm and Nicola Salmoria for refining it and for the excellent documentation.
 
____________________________________

The encryption only affects opcodes, not data. It consists of two 4-round Feistel networks (FN) and involves both the 16-bit opcode and the low 16 bits of the address.
 
Let be:

E = 16-bit ciphertext
A = 16-bit address
K = 64-bit key
D = 16-bit plaintext
y = FN1(x,k) = function describing the 1st Feistel network (x,y = 16bit, k = 64bit)
y = FN2(x,k) = function describing the 2nd Feistel network (x,y = 16bit, k = 64bit)
y = EX(x) = fixed function that expands the 16-bit x to the 64-bit y

Then the cipher can be described as:

D = FN2( E, K XOR EX( FN1(A, K ) ) )

Each round of the Feistel networks consists of four substitution boxes. The boxes have 6 inputs and 2 outputs. Usually the input is the XOR of a data bit and a key bit, however in some cases only the key is used.
 
Also, the hardware has different watchdog opcodes and address range which are stored in the battery backed RAM. There doesn't appear to be any relation between those and the 64-bit encryption key, so they probably use an additional 64 bits of battery-backed RAM.
 
First FN:

 B(0 1 3 5 8 9 11 12)        A(10 4 6 7 2 13 15 14)
         L0                             R0
         |                              |
        XOR<-----------[F1]<------------|
         |                              |
         R1                             L1
         |                              |
         |------------>[F2]----------->XOR
         |                              |
         L2                             R2
         |                              |
        XOR<-----------[F3]<------------|
         |                              |
         R3                             L3
         |                              |
         |------------>[F4]----------->XOR
         |                              |
         L4                             R4
  (10 4 6 7 2 13 15 14)       (0 1 3 5 8 9 11 12)

Second FN:

 B(3 5 9 10 8 15 12 11)      A(6 0 2 13 1 4 14 7)
         L0                             R0
         |                              |
        XOR<-----------[F1]<------------|
         |                              |
         R1                             L1
         |                              |
         |------------>[F2]----------->XOR
         |                              |
         L2                             R2
         |                              |
        XOR<-----------[F3]<------------|
         |                              |
         R3                             L3
         |                              |
         |------------>[F4]----------->XOR
         |                              |
         L4                             R4
  (6 0 2 13 1 4 14 7)         (3 5 9 10 8 15 12 11)

Some Encryption notes.
 
As a general rule, each region of a game has its own Feistel network key.
 
The encryption does not cover the entire address space. The range covered differs per game.
 
The system has a watchdog that will disable the decryption of data if the watchdog isn't triggered at least once every few seconds. The trigger varies from game to game and is basically one or more 68000 opcodes.
 
____________________________________
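
Added example (not part of the original page and not MAME's code): a C sketch of the structure D = FN2(E, K XOR EX(FN1(A, K))) described above, showing that the same encrypted word decrypts differently at different addresses and that the Feistel rounds invert cleanly. The round function toy_f, the expansion toy_ex, the 16-bit key slicing and the sample key are assumptions made for illustration; the real S-boxes, bit permutations and EX are not listed on this page.

```c
#include <stdint.h>
#include <stdio.h>

/* Placeholder round function, NOT the CPS-2 S-boxes (the page does not list
   them). Any keyed 8-bit function keeps a Feistel network invertible. */
static uint8_t toy_f(uint8_t half, uint16_t sk) {
    uint8_t x = (uint8_t)(half ^ sk);      /* XOR with low key byte */
    x = (uint8_t)(x + (sk >> 8));          /* add high key byte */
    return (uint8_t)(x << 3 | x >> 5);     /* rotate left by 3 */
}

/* 4-round Feistel network as in the diagrams: F1/F3 update the left half,
   F2/F4 the right. Assumptions: round i uses key bits 16*i..16*i+15 and the
   bit permutations are omitted. inverse != 0 runs the rounds backwards. */
static uint16_t fn(uint16_t x, uint64_t k, int inverse) {
    uint8_t l = (uint8_t)(x >> 8), r = (uint8_t)x;
    for (int n = 0; n < 4; n++) {
        int i = inverse ? 3 - n : n;
        uint16_t sk = (uint16_t)(k >> (16 * i));
        if (i % 2 == 0) l ^= toy_f(r, sk);
        else            r ^= toy_f(l, sk);
    }
    return (uint16_t)(l << 8 | r);
}

/* Placeholder for EX: copies the 16-bit value into all four 16-bit lanes. */
static uint64_t toy_ex(uint16_t s) { return s * 0x0001000100010001ULL; }

/* D = FN2(E, K XOR EX(FN1(A, K))); FN1 and FN2 share the toy network here. */
uint16_t toy_decrypt(uint16_t e, uint16_t a, uint64_t k) {
    return fn(e, k ^ toy_ex(fn(a, k, 0)), 0);
}

/* Encryption side: same address-derived key, FN2 run in reverse. */
uint16_t toy_encrypt(uint16_t d, uint16_t a, uint64_t k) {
    return fn(d, k ^ toy_ex(fn(a, k, 0)), 1);
}

/* 1 if every 16-bit word survives encrypt-then-decrypt at address a. */
int roundtrip_ok(uint16_t a, uint64_t k) {
    for (uint32_t d = 0; d <= 0xffff; d++)
        if (toy_decrypt(toy_encrypt((uint16_t)d, a, k), a, k) != d) return 0;
    return 1;
}

int main(void) {
    uint64_t k = 0x0123456789ABCDEFULL;    /* constructed sample key */
    printf("%04X %04X\n", toy_decrypt(0x4E75, 0, k), toy_decrypt(0x4E75, 2, k));
    return 0;
}
```

Because the second network's key depends on the address, a dump of encrypted program ROM cannot be decoded with a fixed word-for-word lookup table; the address has to be fed through the first network for every word.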

Some light has finally been shed on how the encryption keys are uploaded to CPS2 'b' boards. Hardware required is a PDA, cards of 128kb in size that hold the encryption key and a device that attaches to the 'b' board. I have been passed pictures of the PDA and cards but as yet have no picture of the last piece of hardware.
 
               PDA and Security Card pictures (1,221kb)
 
               PDA hardware pictures (2,633kb)
 
 
 
This site is not affiliated with, nor authorized, endorsed or licensed in any way by CAPCOM.