> That's exactly what I was thinking. There would be no point in making an xor to run previously xored program roms in a different region. But on the other hand, I'd imagine some knowledge of the encryption is needed to run unxored program roms with a hacked xor. It would be nice if someone in the know would comment with a little more than just "nope".
I'm not in the know, but as far as I can imagine this is what happens.
An emulator needs the decrypted rom to run. So it eats the encrypted rom and the xor file, and does this:
decryptedrom = encryptedrom XOR xorfile
But actually the xorfile is thus produced by Razoola:
xorfile = encryptedrom XOR decryptedrom
The encrypted rom is dumped off the chips. The decrypted rom is ripped by Razoola's trojan via the coin LED or something.
Now, if you know how to change the decrypted rom in order to switch region and make your character's skin blue instead of yellow, all you have to do is
As you can see, the encrypted rom is still the same everybody uses, you just have to craft a different decrypted rom (which is hackable machine code) and produce a new xor file via the above procedure. Where is CPS2 encryption involved?
BTW, it looks like every game has a different method, so brute-forcing a game's "key" (if it's really a key and not an algo) wouldn't work for other games. As if they hadn't tried already.
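The procedure laid out in the post above, carried through on toy data as an added example (this is not code from the post, from Razoola, or from any CPS2 tool). The "ROMs" are a few constructed bytes, the offset of the "region byte" is an invented assumption, and the function names are mine. The point it shows is the one the poster is making: because the xor file is just `encryptedrom XOR decryptedrom`, anyone who can edit the plain decrypted code can regenerate a matching xor file without touching the encrypted dump or knowing anything about the real cipher, and as a side effect the old and new xor files XORed together reveal exactly where the patch was applied.

```python
"""Worked example of the xor-file scheme from the post above.

Constructed sample data and a hypothetical "region byte" offset;
nothing here is the layout of any real game.
"""

# Constructed: a tiny "encrypted ROM" as dumped off the chip, and the
# matching "decrypted ROM" as the trojan would rip it from the running board.
ENCRYPTED_ROM = bytes.fromhex("9f3a7c11e2b84d06")
DECRYPTED_ROM = bytes.fromhex("4e750000006000aa")

# Hypothetical assumption: byte 7 of the decrypted ROM is the region/skin byte.
REGION_OFFSET = 7


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR of two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("XOR operands must have the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def make_xor_file(encrypted: bytes, decrypted: bytes) -> bytes:
    """The step attributed to Razoola: xorfile = encryptedrom XOR decryptedrom."""
    return xor_bytes(encrypted, decrypted)


def emulator_decrypt(encrypted: bytes, xorfile: bytes) -> bytes:
    """The emulator's step: decryptedrom = encryptedrom XOR xorfile."""
    return xor_bytes(encrypted, xorfile)


def patch_decrypted(decrypted: bytes, offset: int, value: int) -> bytes:
    """Edit the plain machine code, e.g. flip the (hypothetical) region byte."""
    out = bytearray(decrypted)
    out[offset] = value
    return bytes(out)


def hack_xor_file(encrypted: bytes, decrypted: bytes, offset: int, value: int) -> bytes:
    """Build a new xor file for a patched decrypted ROM while the encrypted
    ROM stays the one everybody already has:
        newxorfile = encryptedrom XOR patcheddecryptedrom
    """
    return make_xor_file(encrypted, patch_decrypted(decrypted, offset, value))


def demo() -> dict:
    """Run the whole procedure and report what an emulator would end up executing."""
    xorfile = make_xor_file(ENCRYPTED_ROM, DECRYPTED_ROM)
    # Sanity check: the stock xor file reproduces the ripped decrypted ROM.
    assert emulator_decrypt(ENCRYPTED_ROM, xorfile) == DECRYPTED_ROM

    hacked_xor = hack_xor_file(ENCRYPTED_ROM, DECRYPTED_ROM, REGION_OFFSET, 0x01)
    patched_rom = emulator_decrypt(ENCRYPTED_ROM, hacked_xor)

    # XOR is bit-for-bit, so the two xor files differ only where the decrypted
    # ROM was patched: xorfile XOR hacked_xor == DECRYPTED_ROM XOR patched_rom.
    # A hacked xor file therefore leaks the patch to anyone holding the original.
    diff = xor_bytes(xorfile, hacked_xor)
    changed_offsets = [i for i, b in enumerate(diff) if b]

    return {
        "xorfile": xorfile,
        "hacked_xor": hacked_xor,
        "patched_rom": patched_rom,
        "changed_offsets": changed_offsets,
    }


if __name__ == "__main__":
    r = demo()
    print("stock xor file :", r["xorfile"].hex())
    print("hacked xor file:", r["hacked_xor"].hex())
    print("emulator runs  :", r["patched_rom"].hex())
    print("patch visible at offsets:", r["changed_offsets"])
```

Note that at no point does the code need the real CPS2 key or algorithm: the encrypted dump is treated as an opaque byte string and the xor file plays the role of a per-game keystream, which is exactly why a fixed keystream is malleable.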