diff --git a/build/components/hyena.TWL/src/main.c b/build/components/hyena.TWL/src/main.c
index ef7b8f59..f1076f96 100644
--- a/build/components/hyena.TWL/src/main.c
+++ b/build/components/hyena.TWL/src/main.c
@@ -189,9 +189,13 @@ TwlSpMain(void)
 InitializeNwm(mainHeapHandle, mainHeapHandle); // NWM 初期化
 #ifndef SDK_NOCRYPTO
 AES_Init(); // AES 初期化
-
- // NANDファームがHW_LAUNCHER_DELIVER_PARAM_BUFへのAES_SEEDセットを行ってくれるので、ISデバッガ接続に関係なくSDK_SEA_KEY_STOREへのコピーを行えばよい
- MI_CpuCopyFast( (void *)HW_LAUNCHER_DELIVER_PARAM_BUF, (void *)SDK_SEA_KEY_STORE, HW_LAUNCHER_DELIVER_PARAM_BUF_SIZE );
+
+ {
+ // JPEGエンコード用の鍵セット
+ SYSMi_SetAESKeysForSignJPEG( (ROM_Header *)HW_TWL_ROM_HEADER_BUF, NULL, NULL );
+ // NANDファームがHW_LAUNCHER_DELIVER_PARAM_BUFへのAES_SEEDセットを行ってくれるので、ISデバッガ接続に関係なくSDK_SEA_KEY_STOREへのコピーを行えばよい
+ MI_CpuCopyFast( (void *)HW_LAUNCHER_DELIVER_PARAM_BUF, (void *)SDK_SEA_KEY_STORE, HW_LAUNCHER_DELIVER_PARAM_BUF_SIZE );
+ }
 #ifdef SDK_SEA
 SEA_Init();
diff --git a/build/libraries_sysmenu/boot/ARM7/src/bootAPI.c b/build/libraries_sysmenu/boot/ARM7/src/bootAPI.c
index de131645..3beaa7d5 100644
--- a/build/libraries_sysmenu/boot/ARM7/src/bootAPI.c
+++ b/build/libraries_sysmenu/boot/ARM7/src/bootAPI.c
@@ -159,6 +159,9 @@ BOOL BOOT_WaitStart( void )
 int list_count = PRE_CLEAR_NUM_MAX + 1;
 int l;
 u32 *post_clear_list;
+
+ // [TODO] WRAM_0_1はちゃんと消えてる?blowfishやaes鍵を引き渡しているので心配
+
 // メモリリストの設定
 // [TODO:] ショップアプリで鍵を残す場合、NANDファーム引数の領域(WRAMにある)を消さないように注意。
 // WRAMリマップ後の消し漏れやバッファオーバランの懸念回避のため不要な鍵はpre clearで消す。
diff --git a/build/libraries_sysmenu/sysmenu/ARM7/src/setAESKey.c b/build/libraries_sysmenu/sysmenu/ARM7/src/setAESKey.c
index 365c0772..215a7fba 100644
--- a/build/libraries_sysmenu/sysmenu/ARM7/src/setAESKey.c
+++ b/build/libraries_sysmenu/sysmenu/ARM7/src/setAESKey.c
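Review bot: In bootAPI.c, the new `[TODO]` in BOOT_WaitStart records that clearing of WRAM_0_1 is unverified even though Blowfish and AES key material is handed over through that region, so the commit lands with an open question about residual keys at application start. The hunk does not show the clear lists, so whether the region is already covered cannot be confirmed from here. I would settle this before merge by checking that the pre-clear or post-clear list includes the WRAM range used for the key hand-off, and then replace the TODO with a comment naming the list entry that covers it. BOOT_WaitStart's body continues outside the hunk.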
@@ -27,6 +27,8 @@
 // define data-----------------------------------------------------------------
 // extern data-----------------------------------------------------------------
 // function's prototype-------------------------------------------------------
+void SYSMi_SetAESKeysForAccessControlCore( ROM_Header *pROMH, u8 *pDst, BOOL *pIsClearSlotB, BOOL *pIsClearSlotC );
+
 // global variable-------------------------------------------------------------
 // static variable-------------------------------------------------------------
 // const data------------------------------------------------------------------
@@ -52,6 +54,16 @@ static const u8 dev_seedSlotC[] = {
 0x49, 0x04, 0x6B, 0x33, 0x12, 0x02, 0xAC, 0xF3,
 };
+static const u8 dev_jpegEncodeKeyForLauncher[] = {
+ 0xEF, 0x9A, 0xB3, 0x39, 0x48, 0x3C, 0x2B, 0x13,
+ 0x39, 0x31, 0xA5, 0x3F, 0x86, 0x25, 0x9B, 0xB3,
+};
+
+static const u8 dev_jpegEncodeKeyForNormal[] = {
+ 0x79, 0xAF, 0xFE, 0xA7, 0xF3, 0x6A, 0xB7, 0xBE,
+ 0x83, 0xB6, 0x41, 0xFD, 0xFC, 0x42, 0xD7, 0x3B,
+};
+
 // ============================================================================
 //
@@ -66,8 +78,8 @@ void SYSMi_SetAESKeysForAccessControl( BOOL isNtrMode, ROM_Header *pROMH )
 // 鍵のセット
 MI_CpuClearFast( (void *)HW_LAUNCHER_DELIVER_PARAM_BUF, HW_LAUNCHER_DELIVER_PARAM_BUF_SIZE );
- if( !isNtrMode &&
- ( pROMH->s.titleID_Hi & TITLE_ID_HI_SECURE_FLAG_MASK ) ) {
+ if( !isNtrMode ) {
+ SYSMi_SetAESKeysForSignJPEG( pROMH, &isClearSlotB, &isClearSlotC );
 SYSMi_SetAESKeysForAccessControlCore( pROMH, (u8 *)HW_LAUNCHER_DELIVER_PARAM_BUF, &isClearSlotB, &isClearSlotC );
 }
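Review bot: In setAESKey.c, the prototype added under `function's prototype` gives `SYSMi_SetAESKeysForAccessControlCore` external linkage even though this commit removes its declaration from internal_api.h, which suggests it is now meant to be private to this file. If nothing outside setAESKey.c calls it any more, declare it `static void SYSMi_SetAESKeysForAccessControlCore( ROM_Header *pROMH, u8 *pDst, BOOL *pIsClearSlotB, BOOL *pIsClearSlotC );` and mark the definition `static` as well. That keeps a key-setting helper from being reached by accident from other translation units.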
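Review bot: The two tables added after `dev_seedSlotC`, `dev_jpegEncodeKeyForLauncher` and `dev_jpegEncodeKeyForNormal`, are embedded key material with no comment saying when they are used. The later hunk in this file selects them only when `SCFG_GetBondingOption()` is not `SCFG_OP_PRODUCT`, so a line such as `// development-only JPEG signing key; production units take theirs from OSi_GetFromFirmAddr()` above each table would make that explicit. Because they reach `AES_SetKeyB`/`AES_SetKeyC` through a `void *`, a compile-time check on each array's size would also catch a truncated table; the 16-byte length is my reading of the initialisers, not something the hunk states.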
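Review bot: Dropping the `TITLE_ID_HI_SECURE_FLAG_MASK` test from `if( !isNtrMode ) {` means `SYSMi_SetAESKeysForSignJPEG` now runs for every non-NTR title, and in its `else` branch (the `@@ -88` hunk) the launcher JPEG key is chosen on `hw_aes_slot_B_SignJPEGForLauncher` alone. A title without the secure flag whose header sets that bit would therefore be given the launcher signing key in slot B; whether the header has been authenticated before this call is not visible here. If that is not intended, gate the branch on the secure flag as well, for example `if ( ( pROMH->s.titleID_Hi & TITLE_ID_HI_SECURE_FLAG_MASK ) && pROMH->s.access_control.hw_aes_slot_B_SignJPEGForLauncher ) {`. SYSMi_SetAESKeysForAccessControl starts and ends outside this hunk.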
@@ -88,9 +100,51 @@ void SYSMi_SetAESKeysForAccessControl( BOOL isNtrMode, ROM_Header *pROMH )
 }
 }
+void SYSMi_SetAESKeysForSignJPEG( ROM_Header *pROMH, BOOL *pIsClearSlotB, BOOL *pIsClearSlotC )
+{
+ void *pAESKey;
+ if( ( pROMH->s.titleID_Hi & TITLE_ID_HI_SECURE_FLAG_MASK ) &&
+ ( 0 == STD_CompareNString( (const char *)&pROMH->s.titleID_Lo[ 1 ], "ANH", 3 ) ) ) {
+ // for Launcher
+ pAESKey = ( SCFG_GetBondingOption() == SCFG_OP_PRODUCT ) ?
+ &( OSi_GetFromFirmAddr()->rsa_pubkey[ 3 ][ 0x30 ] ) : (void *)dev_jpegEncodeKeyForLauncher;
+ if( pIsClearSlotC ) {
+ *pIsClearSlotC = FALSE;
+ }
+ // AESスロットのデフォルト値セット
+ AES_Lock();
+ AES_SetKeyC( pAESKey );
+ AES_Unlock();
+
+ }else {
+ // SignJPEG用AESキー
+ if ( pROMH->s.access_control.hw_aes_slot_B_SignJPEGForLauncher == TRUE) {
+ // for Launcher
+ pAESKey = ( SCFG_GetBondingOption() == SCFG_OP_PRODUCT ) ?
+ &( OSi_GetFromFirmAddr()->rsa_pubkey[ 3 ][ 0x30 ] ) : (void *)dev_jpegEncodeKeyForLauncher;
+ }else {
+ // for ノーマルアプリ
+ pAESKey = ( SCFG_GetBondingOption() == SCFG_OP_PRODUCT ) ?
+ &( OSi_GetFromFirmAddr()->rsa_pubkey[ 3 ][ 0x40 ] ) : (void *)dev_jpegEncodeKeyForNormal;
+ }
+ if( pIsClearSlotB ) {
+ *pIsClearSlotB = FALSE;
+ }
+ // AESスロットのデフォルト値セット
+ AES_Lock();
+ AES_SetKeyB( pAESKey );
+ AES_Unlock();
+ }
+}
+
 void SYSMi_SetAESKeysForAccessControlCore( ROM_Header *pROMH, u8 *pDst, BOOL *pIsClearSlotB, BOOL *pIsClearSlotC )
 {
+ // セキュアアプリ以外はセットなし
+ if ( !( pROMH->s.titleID_Hi & TITLE_ID_HI_SECURE_FLAG_MASK ) ) {
+ return;
+ }
+
 // commonClientKey
 if( pROMH->s.access_control.common_client_key ) {
 void *pCommonKey = ( SCFG_GetBondingOption() == SCFG_OP_PRODUCT ) ?
diff --git a/build/libraries_sysmenu/sysmenu/ARM9/src/sysmenu_lib.c b/build/libraries_sysmenu/sysmenu/ARM9/src/sysmenu_lib.c
index 26640e4a..f0eb3551 100644
--- a/build/libraries_sysmenu/sysmenu/ARM9/src/sysmenu_lib.c
+++ b/build/libraries_sysmenu/sysmenu/ARM9/src/sysmenu_lib.c
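Review bot: In `SYSMi_SetAESKeysForSignJPEG`, the production keys are taken from `rsa_pubkey[ 3 ][ 0x30 ]` and `rsa_pubkey[ 3 ][ 0x40 ]` with bare offsets, and nothing in the hunk says why AES keys live inside an RSA public-key slot or that a key-sized read starting at `0x40` stays inside that row. Named constants for the row and the two offsets, plus a comment describing the layout, would let a reader check the bounds. The launcher-key expression is also written out twice and could be computed once. Separately, `== TRUE` on `hw_aes_slot_B_SignJPEGForLauncher` differs from the plain truth test used for `common_client_key` in the same file and could be written the same way.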
@@ -123,8 +123,8 @@ void SYSMi_SendKeysToARM7( void )
 {
 MI_SetWramBank(MI_WRAM_ARM9_ALL);
 // DS互換BlowfishテーブルをARM7へ渡す
- MI_CpuCopyFast( &((OSFromFirm9Buf *)HW_FIRM_FROM_FIRM_BUF)->ds_blowfish, (void *)HW_WRAM_0, sizeof(BLOWFISH_CTX) );
- DC_FlushRange( (void *)HW_WRAM_0, sizeof(BLOWFISH_CTX) );
+ MI_CpuCopyFast( &((OSFromFirm9Buf *)HW_FIRM_FROM_FIRM_BUF)->ds_blowfish, (void *)&GetDeliverBROM9KeyAddr()->ds_blowfish, sizeof(BLOWFISH_CTX) );
+ DC_FlushRange( (void *)HW_WRAM_0, sizeof(DeliverBROM9Key) );
 MI_SetWramBank(MI_WRAM_ARM7_ALL);
 }
diff --git a/build/libraries_sysmenu/sysmenu/common/include/internal_api.h b/build/libraries_sysmenu/sysmenu/common/include/internal_api.h
index 801dd4f1..c1972796 100644
--- a/build/libraries_sysmenu/sysmenu/common/include/internal_api.h
+++ b/build/libraries_sysmenu/sysmenu/common/include/internal_api.h
@@ -72,12 +72,13 @@ void SYSMi_CheckRTC( void );
 //-------------------------------------------------------
 // AES鍵設定
 //-------------------------------------------------------
+
+// JPEG署名用(ランチャー、アプリブート共用)
+void SYSMi_SetAESKeysForSignJPEG( ROM_Header *pROMH, BOOL *pIsClearSlotB, BOOL *pIsClearSlotC );
+
 // アプリブート用
 void SYSMi_SetAESKeysForAccessControl( BOOL isNtrMode, ROM_Header *pROMH );
-// ランチャー自身用
-void SYSMi_SetAESKeysForAccessControlCore( ROM_Header *pROMH, u8 *pDst, BOOL *pIsClearSlotB, BOOL *pIsClearSlotC );
-
 #endif // SDK_ARM7
diff --git a/build/libraries_sysmenu/sysmenu/common/src/mountInfo.c b/build/libraries_sysmenu/sysmenu/common/src/mountInfo.c
index 36f402ed..45d2cb4f 100644
--- a/build/libraries_sysmenu/sysmenu/common/src/mountInfo.c
+++ b/build/libraries_sysmenu/sysmenu/common/src/mountInfo.c
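Review bot: In `SYSMi_SendKeysToARM7`, the copy now targets `GetDeliverBROM9KeyAddr()` but the flush on the next line still names `HW_WRAM_0` directly, so the two lines agree only because the macro expands to that address under `SDK_ARM9`. Flushing through the same accessor, `DC_FlushRange( (void *)GetDeliverBROM9KeyAddr(), sizeof(DeliverBROM9Key) );`, keeps them in step if the hand-off area ever moves. The copy length could likewise be `sizeof( GetDeliverBROM9KeyAddr()->ds_blowfish )` so that it follows the destination field.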
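Review bot: In internal_api.h, the new declaration of `SYSMi_SetAESKeysForSignJPEG` does not say that `pIsClearSlotB` and `pIsClearSlotC` are optional, yet main.c in this commit passes `NULL` for both and the implementation tests each pointer before writing through it. A comment on the prototype such as `// pIsClearSlotB / pIsClearSlotC may be NULL; when non-NULL, the flag for the slot that received a key is set to FALSE` would document that contract for other callers.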
@@ -182,7 +182,9 @@ static void SYSMi_SetMountInfoCore( LauncherBootType bootType, NAMTitleId titleI
 int i;
 char contentpath[ FS_ENTRY_LONGNAME_MAX ];
-
+
+ // [TODO]TMPジャンプ時のcontentパス指定がうまくいっていない。マウントしないようにしたら良い。
+
 // タイトルIDからcontentのファイルパスをセット
 STD_TSNPrintf( contentpath, FS_ENTRY_LONGNAME_MAX, "nand:/title/%08x/%08x/content", (u32)( titleID >> 32 ), titleID );
diff --git a/docs/骰オ邂。逅.xls b/docs/骰オ邂。逅.xls
index e7a7f1f9..8c2b53bd 100644
Binary files a/docs/骰オ邂。逅.xls and b/docs/骰オ邂。逅.xls differ
diff --git a/include/sysmenu/sysmenu_lib/common/sysmenu_work.h b/include/sysmenu/sysmenu_lib/common/sysmenu_work.h
index 5cf47dfa..07a9e77a 100644
--- a/include/sysmenu/sysmenu_lib/common/sysmenu_work.h
+++ b/include/sysmenu/sysmenu_lib/common/sysmenu_work.h
@@ -23,6 +23,7 @@
 #include
 #include
+#include
 #ifdef __cplusplus
 extern "C" {
@@ -183,6 +184,12 @@ typedef struct SDKBootCheckInfo{
 }SDKBootCheckInfo;
+// ARM9からARM7にWRAM経由で引き渡す鍵情報ワーク
+typedef struct DeliverBROM9Key {
+ BLOWFISH_CTX ds_blowfish;
+}DeliverBROM9Key;
+
+
 //----------------------------------------------------------------------
 // SYSM共有ワーク領域のアドレス獲得
 //----------------------------------------------------------------------
@@ -204,6 +211,13 @@ typedef struct SDKBootCheckInfo{
 #define SYSM_GetAppRomHeader() ( (ROM_Header_Short *)SYSM_APP_ROM_HEADER_BUF )
 #define SYSM_GetCardRomHeader() SYSM_GetAppRomHeader()
+// ARM9から引き渡す鍵情報ワークの取得
+#ifdef SDK_ARM9
+#define GetDeliverBROM9KeyAddr() ( (DeliverBROM9Key *)HW_WRAM_0 )
+#else
+#define GetDeliverBROM9KeyAddr() ( (DeliverBROM9Key *)HW_WRAM_0_LTD )
+#endif
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/tools/bin/makerom.TWL.launcher.exe b/tools/bin/makerom.TWL.launcher.exe
index 428038dd..5051b0ba 100644
Binary files a/tools/bin/makerom.TWL.launcher.exe and b/tools/bin/makerom.TWL.launcher.exe differ
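Review bot: In mountInfo.c, the context line under the new TODO passes `titleID` to `STD_TSNPrintf` for the second `%08x` without narrowing, while the first argument is explicitly cast with `(u32)( titleID >> 32 )`. If `NAMTitleId` is a 64-bit type, as the shift suggests, and `STD_TSNPrintf` follows printf-style varargs rules, the low word is not what gets formatted; `(u32)titleID` would make the intent explicit. This may or may not be related to the path problem the TODO describes, and the rest of SYSMi_SetMountInfoCore is outside the hunk.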
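Review bot: In sysmenu_work.h (the `@@ -204` hunk), `GetDeliverBROM9KeyAddr()` is the only accessor in this block without the `SYSM_` prefix used by `SYSM_GetAppRomHeader()` and `SYSM_GetCardRomHeader()` just above it; `SYSM_GetDeliverBROM9KeyAddr()` would match. The comment should also say why the `SDK_ARM9` side uses `HW_WRAM_0` and the other side `HW_WRAM_0_LTD`, presumably the same bank seen through each processor's mapping, since a reader cannot tell from the header that both names reach the same key work area. Nothing here checks that `DeliverBROM9Key` fits the region, which will matter once more keys are added to the struct from the `@@ -183` hunk.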