DSiWare games are vulnerable to a specific set of exploits which allows you to install boot9strap with them.
You can also export DSiWare games from the System settings (System settings --> Data Management --> Nintendo DSiWare), however, these DSiWare exports are encrypted with your console unique movable.sed encryption key. Unless you can get that key somehow, you cannot decrypt them/modify them/re-encrypt them/re-import them
The DSiWare games are encrypted with AES-128. 128 means 128 bits. A byte in computing means 8 bits together. Therefore, the encryption key is 128 bits aka 16 bytes (128 / 8 == 16)
The first 8 bytes are the LocalFriendCodeSeed (L.F.C.S.). You can dump this if you have access to userland homebrew (things like ninjhax, freakyhax, stickerhaxx etc.). However, it is also possible to dump this for your friends if your 3DS is hacked.
Therefore, somebody with a hacked 3DS can dump your LFCS for you.
Now, you have the first 8 bytes of your movable.sed. However, there are still 8 bytes left which