I'm thinking that a single technique can be use the MAC address if you
have a Rabbit Board with Ethernet. Every you compile, you can put a
define with the MAC address, then in the program read the MAC and
compare. Also you can 'obscure' the data to make more difficult to
decrypt.
If you don't produce much units it can be a useful technique, but
not very very secure. I think, as another people in this list, that
all encryption are vulnerable if you make the sufficient effort.
Juan M. Sard
Ponis SA.
www.ponis.com.ar
j...@ponis.com.ar
Securing code?
Started by ●November 3, 2006
Reply by ●November 6, 20062006-11-06
Reply by ●November 6, 20062006-11-06
jmsardon01 wrote:
> I'm thinking that a single technique can be use the MAC address if you
> have a Rabbit Board with Ethernet. Every you compile, you can put a
> define with the MAC address, then in the program read the MAC and
> compare. Also you can 'obscure' the data to make more difficult to
> decrypt.
> If you don't produce much units it can be a useful technique, but
> not very very secure. I think, as another people in this list, that
> all encryption are vulnerable if you make the sufficient effort.
>
That will not work as the MAC is also stored in th flash. You can still
copy the entire flash. You would have a board with the same MAC address.
I like the idea of a PIC processor programmed to match the MAC and also
has its security bit set so it can not be copied.
------
| Scott G. Henion| s...@shdesigns.org |
| Consultant | Stone Mountain, GA |
| SHDesigns http://www.shdesigns.org |
------
Rabbit libs: http://www.shdesigns.org/rabbit/
today's fortune
Having nothing, nothing can he lose.
-- William Shakespeare, "Henry VI"
> I'm thinking that a single technique can be use the MAC address if you
> have a Rabbit Board with Ethernet. Every you compile, you can put a
> define with the MAC address, then in the program read the MAC and
> compare. Also you can 'obscure' the data to make more difficult to
> decrypt.
> If you don't produce much units it can be a useful technique, but
> not very very secure. I think, as another people in this list, that
> all encryption are vulnerable if you make the sufficient effort.
>
That will not work as the MAC is also stored in th flash. You can still
copy the entire flash. You would have a board with the same MAC address.
I like the idea of a PIC processor programmed to match the MAC and also
has its security bit set so it can not be copied.
------
| Scott G. Henion| s...@shdesigns.org |
| Consultant | Stone Mountain, GA |
| SHDesigns http://www.shdesigns.org |
------
Rabbit libs: http://www.shdesigns.org/rabbit/
today's fortune
Having nothing, nothing can he lose.
-- William Shakespeare, "Henry VI"
Reply by ●November 6, 20062006-11-06
We put a special resin developed specially for this
purpose all over the flash memory and rabbit mcu, so
pirates cant remove it or access it.
--- Scott Henion escreveu:
> jmsardon01 wrote:
> > I'm thinking that a single technique can be use
> the MAC address if you
> > have a Rabbit Board with Ethernet. Every you
> compile, you can put a
> > define with the MAC address, then in the program
> read the MAC and
> > compare. Also you can 'obscure' the data to make
> more difficult to
> > decrypt.
> > If you don't produce much units it can be a
> useful technique, but
> > not very very secure. I think, as another people
> in this list, that
> > all encryption are vulnerable if you make the
> sufficient effort.
> >
> That will not work as the MAC is also stored in th
> flash. You can still
> copy the entire flash. You would have a board with
> the same MAC address.
>
> I like the idea of a PIC processor programmed to
> match the MAC and also
> has its security bit set so it can not be copied.
> ------
> | Scott G. Henion| s...@shdesigns.org |
> | Consultant | Stone Mountain, GA |
> | SHDesigns http://www.shdesigns.org |
> ------
> Rabbit libs: http://www.shdesigns.org/rabbit/
> today's fortune
> Having nothing, nothing can he lose.
> -- William Shakespeare, "Henry VI"
_______________________________________________________
Novidade no Yahoo! Mail: receba alertas de novas mensagens no seu celular. Registre seu aparelho agora!
http://br.mobile.yahoo.com/mailalertas/
purpose all over the flash memory and rabbit mcu, so
pirates cant remove it or access it.
--- Scott Henion escreveu:
> jmsardon01 wrote:
> > I'm thinking that a single technique can be use
> the MAC address if you
> > have a Rabbit Board with Ethernet. Every you
> compile, you can put a
> > define with the MAC address, then in the program
> read the MAC and
> > compare. Also you can 'obscure' the data to make
> more difficult to
> > decrypt.
> > If you don't produce much units it can be a
> useful technique, but
> > not very very secure. I think, as another people
> in this list, that
> > all encryption are vulnerable if you make the
> sufficient effort.
> >
> That will not work as the MAC is also stored in th
> flash. You can still
> copy the entire flash. You would have a board with
> the same MAC address.
>
> I like the idea of a PIC processor programmed to
> match the MAC and also
> has its security bit set so it can not be copied.
> ------
> | Scott G. Henion| s...@shdesigns.org |
> | Consultant | Stone Mountain, GA |
> | SHDesigns http://www.shdesigns.org |
> ------
> Rabbit libs: http://www.shdesigns.org/rabbit/
> today's fortune
> Having nothing, nothing can he lose.
> -- William Shakespeare, "Henry VI"
_______________________________________________________
Novidade no Yahoo! Mail: receba alertas de novas mensagens no seu celular. Registre seu aparelho agora!
http://br.mobile.yahoo.com/mailalertas/
Reply by ●November 6, 20062006-11-06
Alexandre Kremer wrote:
> We put a special resin developed specially for this
> purpose all over the flash memory and rabbit mcu, so
> pirates cant remove it or access it.
>
>
I also assume you remove or obstruct the programming header. ;)
------
| Scott G. Henion| s...@shdesigns.org |
| Consultant | Stone Mountain, GA |
| SHDesigns http://www.shdesigns.org |
------
Rabbit libs: http://www.shdesigns.org/rabbit/
today's fortune
Having nothing, nothing can he lose.
-- William Shakespeare, "Henry VI"
> We put a special resin developed specially for this
> purpose all over the flash memory and rabbit mcu, so
> pirates cant remove it or access it.
>
>
I also assume you remove or obstruct the programming header. ;)
------
| Scott G. Henion| s...@shdesigns.org |
| Consultant | Stone Mountain, GA |
| SHDesigns http://www.shdesigns.org |
------
Rabbit libs: http://www.shdesigns.org/rabbit/
today's fortune
Having nothing, nothing can he lose.
-- William Shakespeare, "Henry VI"
Reply by ●November 6, 20062006-11-06
The "security bit" on the PIC with flash is not a secure way to protect
the program memory data.
Only the older OTP devices can be secure, if the developer has zeroed
all of the unused memory locations to prevent the user from over laping
a dump program.
But you still have a problem with the electrical link which exist
between the PIC and the Core module which can be hacked.
The solution is to have Rabbit add the hardware encryption module
internally to the Rabbit MPU, and to the Compiler.
It would not be that big a deal if done properly, and then Rabbit can
sell the MPUs to DOD contracts.
JIMA
Scott Henion wrote:
jmsardon01 wrote:
> I'm thinking that a single technique can be use the MAC address if
you
> have a Rabbit Board with Ethernet. Every you compile, you can put a
> define with the MAC address, then in the program read the MAC and
> compare. Also you can 'obscure' the data to make more difficult to
> decrypt.
> If you don't produce much units it can be a useful technique, but
> not very very secure. I think, as another people in this list, that
> all encryption are vulnerable if you make the sufficient effort.
>
That will not work as the MAC is also stored in th flash. You can still
copy the entire flash. You would have a board with the same MAC address.
I like the idea of a PIC processor programmed to match the MAC and also
has its security bit set so it can not be copied.
------------------------------------------
| Scott G. Henion| shenion@shdesigns.org
|
| Consultant | Stone Mountain, GA |
| SHDesigns http://www.shdesigns.org
|
------------------------------------------
Rabbit libs: http://www.shdesigns.org/rabbit/
today's fortune
Having nothing, nothing can he lose.
-- William Shakespeare, "Henry VI"
__._,_.___
SPONSORED LINKS
Rabbit |
Microprocessor architecture |
Microcontrollers |
Embedded module |
__,_._,___
Reply by ●November 6, 20062006-11-06
Simply rubbing of the part number on all IC's is quite common on systems I
have seen.
Alexandre Kremer wrote:
We put a special resin developed specially for this
purpose all over the flash memory and rabbit mcu, so
pirates cant remove it or access it.
--- Scott Henion escreveu:
> jmsardon01 wrote:
> > I'm thinking that a single technique can be use
> the MAC address if you
> > have a Rabbit Board with Ethernet. Every you
> compile, you can put a
> > define with the MAC address, then in the program
> read the MAC and
> > compare. Also you can 'obscure' the data to make
> more difficult to
> > decrypt.
> > If you don't produce much units it can be a
> useful technique, but
> > not very very secure. I think, as another people
> in this list, that
> > all encryption are vulnerable if you make the
> sufficient effort.
> >
> That will not work as the MAC is also stored in th
> flash. You can still
> copy the entire flash. You would have a board with
> the same MAC address.
>
> I like the idea of a PIC processor programmed to
> match the MAC and also
> has its security bit set so it can not be copied.
> ------
> | Scott G. Henion| s...@shdesigns.org |
> | Consultant | Stone Mountain, GA |
> | SHDesigns http://www.shdesigns.org |
> ------
> Rabbit libs: http://www.shdesigns.org/rabbit/
> today's fortune
> Having nothing, nothing can he lose.
> -- William Shakespeare, "Henry VI"
_______________________________________________________
Novidade no Yahoo! Mail: receba alertas de novas mensagens no seu celular. Registre seu aparelho agora!
http://br.mobile.yahoo.com/mailalertas/
Send instant messages to your online friends http://uk.messenger.yahoo.com
Alexandre Kremer wrote:
We put a special resin developed specially for this
purpose all over the flash memory and rabbit mcu, so
pirates cant remove it or access it.
--- Scott Henion escreveu:
> jmsardon01 wrote:
> > I'm thinking that a single technique can be use
> the MAC address if you
> > have a Rabbit Board with Ethernet. Every you
> compile, you can put a
> > define with the MAC address, then in the program
> read the MAC and
> > compare. Also you can 'obscure' the data to make
> more difficult to
> > decrypt.
> > If you don't produce much units it can be a
> useful technique, but
> > not very very secure. I think, as another people
> in this list, that
> > all encryption are vulnerable if you make the
> sufficient effort.
> >
> That will not work as the MAC is also stored in th
> flash. You can still
> copy the entire flash. You would have a board with
> the same MAC address.
>
> I like the idea of a PIC processor programmed to
> match the MAC and also
> has its security bit set so it can not be copied.
> ------
> | Scott G. Henion| s...@shdesigns.org |
> | Consultant | Stone Mountain, GA |
> | SHDesigns http://www.shdesigns.org |
> ------
> Rabbit libs: http://www.shdesigns.org/rabbit/
> today's fortune
> Having nothing, nothing can he lose.
> -- William Shakespeare, "Henry VI"
_______________________________________________________
Novidade no Yahoo! Mail: receba alertas de novas mensagens no seu celular. Registre seu aparelho agora!
http://br.mobile.yahoo.com/mailalertas/
Send instant messages to your online friends http://uk.messenger.yahoo.com
Reply by ●November 6, 20062006-11-06
You can use OTP parts, they are very cheap.
The PIC and rabbit talk to each other.
The rabbit polls the PIC and the PIC sends it a number.
The rabbit does a calculation on the number and replies with the answer to the PIC.
If the answer is wrong the PIC hangs stopping the rabbit from continuing.
The PIC could even hold the rabbit in reset.
IDES wrote:
The "security bit" on the PIC with flash is not a secure way to protect the program memory data.
Only the older OTP devices can be secure, if the developer has zeroed all of the unused memory locations to prevent the user from over laping a dump program.
But you still have a problem with the electrical link which exist between the PIC and the Core module which can be hacked.
The solution is to have Rabbit add the hardware encryption module internally to the Rabbit MPU, and to the Compiler.
It would not be that big a deal if done properly, and then Rabbit can sell the MPUs to DOD contracts.
JIMA
Scott Henion wrote: jmsardon01 wrote:
> I'm thinking that a single technique can be use the MAC address if you
> have a Rabbit Board with Ethernet. Every you compile, you can put a
> define with the MAC address, then in the program read the MAC and
> compare. Also you can 'obscure' the data to make more difficult to
> decrypt.
> If you don't produce much units it can be a useful technique, but
> not very very secure. I think, as another people in this list, that
> all encryption are vulnerable if you make the sufficient effort.
>
That will not work as the MAC is also stored in th flash. You can still
copy the entire flash. You would have a board with the same MAC address.
I like the idea of a PIC processor programmed to match the MAC and also
has its security bit set so it can not be copied.
------
| Scott G. Henion| s...@shdesigns.org |
| Consultant | Stone Mountain, GA |
| SHDesigns http://www.shdesigns.org |
------
Rabbit libs: http://www.shdesigns.org/rabbit/
today's fortune
Having nothing, nothing can he lose.
-- William Shakespeare, "Henry VI"
Send instant messages to your online friends http://uk.messenger.yahoo.com
The PIC and rabbit talk to each other.
The rabbit polls the PIC and the PIC sends it a number.
The rabbit does a calculation on the number and replies with the answer to the PIC.
If the answer is wrong the PIC hangs stopping the rabbit from continuing.
The PIC could even hold the rabbit in reset.
IDES wrote:
The "security bit" on the PIC with flash is not a secure way to protect the program memory data.
Only the older OTP devices can be secure, if the developer has zeroed all of the unused memory locations to prevent the user from over laping a dump program.
But you still have a problem with the electrical link which exist between the PIC and the Core module which can be hacked.
The solution is to have Rabbit add the hardware encryption module internally to the Rabbit MPU, and to the Compiler.
It would not be that big a deal if done properly, and then Rabbit can sell the MPUs to DOD contracts.
JIMA
Scott Henion wrote: jmsardon01 wrote:
> I'm thinking that a single technique can be use the MAC address if you
> have a Rabbit Board with Ethernet. Every you compile, you can put a
> define with the MAC address, then in the program read the MAC and
> compare. Also you can 'obscure' the data to make more difficult to
> decrypt.
> If you don't produce much units it can be a useful technique, but
> not very very secure. I think, as another people in this list, that
> all encryption are vulnerable if you make the sufficient effort.
>
That will not work as the MAC is also stored in th flash. You can still
copy the entire flash. You would have a board with the same MAC address.
I like the idea of a PIC processor programmed to match the MAC and also
has its security bit set so it can not be copied.
------
| Scott G. Henion| s...@shdesigns.org |
| Consultant | Stone Mountain, GA |
| SHDesigns http://www.shdesigns.org |
------
Rabbit libs: http://www.shdesigns.org/rabbit/
today's fortune
Having nothing, nothing can he lose.
-- William Shakespeare, "Henry VI"
Send instant messages to your online friends http://uk.messenger.yahoo.com
Reply by ●November 6, 20062006-11-06
I laugh at those who do this old trick.
The power and ground connections as well as the external crystals will
give away the device manufacturer and type.
The only real way to do it is to place all of the associated
electronics in a safe box with all filtering on all wires and with a
self destruct circuit if opened.
Then you would not need to worry about Hackers or RFI/EMI.
That is it, make all SBC's weigh in at 30 lbs, then no one will be able
to hack the code! LOL.
Sorry, I went off the cliff.
JIMA
np np wrote:
cite="m...@web27415.mail.ukl.yahoo.com"
type="cite">
Simply rubbing of the part number on all IC's is quite common on
systems I have seen.
systems I have seen.
Alexandre Kremer <alekremer@yahoo.com.br>
wrote:
style="border-left: 2px solid rgb(16, 16, 255);">
We put a special resin developed specially for this
purpose all over the flash memory and rabbit mcu, so
pirates can´t remove it or access it.
--- Scott Henion <shenion@shdesigns.org>
escreveu:
> jmsardon01 wrote:
> > I'm thinking that a single technique can be use
> the MAC address if you
> > have a Rabbit Board with Ethernet. Every you
> compile, you can put a
> > define with the MAC address, then in the program
> read the MAC and
> > compare. Also you can 'obscure' the data to make
> more difficult to
> > decrypt.
> > If you don't produce much units it can be a
> useful technique, but
> > not very very secure. I think, as another people
> in this list, that
> > all encryption are vulnerable if you make the
> sufficient effort.
> >
> That will not work as the MAC is also stored in th
> flash. You can still
> copy the entire flash. You would have a board with
> the same MAC address.
>
> I like the idea of a PIC processor programmed to
> match the MAC and also
> has its security bit set so it can not be copied.
>
>
> ------------------------------------------
> | Scott G. Henion| shenion@shdesigns.org
|
> | Consultant | Stone Mountain, GA |
> | SHDesigns http://www.shdesigns.org
|
> ------------------------------------------
> Rabbit libs: http://www.shdesigns.org/rabbit/
> today's fortune
> Having nothing, nothing can he lose.
> -- William Shakespeare, "Henry VI"
>
>
_______________________________________________________
Novidade no Yahoo! Mail: receba alertas de novas mensagens no seu
celular. Registre seu aparelho agora!
http://br.mobile.yahoo.com/mailalertas/
Send instant messages to your online friends http://uk.messenger.yahoo.com
__._,_.___
SPONSORED LINKS
Rabbit |
Microprocessor architecture |
Microcontrollers |
Embedded module |
__,_._,___
Reply by ●November 6, 20062006-11-06
Solvents will remove ANY resin on the market, ANY!
A trick I used back in the 70's was to use resins to cover the critical
chips, and embed within the resin a matrix of 60 AWG wires which are
part of the battery backed SRAM supply.
If any of the wires were broken the SRAM lost data. Period.
If a solvent was used to dissolve the resin, the VCC and VDD wires in
the matrix would touch, lost data again.
Tricks can be bypassed.
It just depends on how much effort you want to do to retrieve the data.
JIMA
Alexandre Kremer wrote:
cite="m...@web31910.mail.mud.yahoo.com"
type="cite">
We put a special resin developed specially for this
purpose all over the flash memory and rabbit mcu, so
pirates can´t remove it or access it.
--- Scott Henion <shenion@shdesigns.org>
escreveu:
> jmsardon01 wrote:
> > I'm thinking that a single technique can be use
> the MAC address if you
> > have a Rabbit Board with Ethernet. Every you
> compile, you can put a
> > define with the MAC address, then in the program
> read the MAC and
> > compare. Also you can 'obscure' the data to make
> more difficult to
> > decrypt.
> > If you don't produce much units it can be a
> useful technique, but
> > not very very secure. I think, as another people
> in this list, that
> > all encryption are vulnerable if you make the
> sufficient effort.
> >
> That will not work as the MAC is also stored in th
> flash. You can still
> copy the entire flash. You would have a board with
> the same MAC address.
>
> I like the idea of a PIC processor programmed to
> match the MAC and also
> has its security bit set so it can not be copied.
>
>
> ------------------------------------------
> | Scott G. Henion| shenion@shdesigns.org
|
> | Consultant | Stone Mountain, GA |
> | SHDesigns http://www.shdesigns.org
|
>
------------------------------------------
> Rabbit libs: http://www.shdesigns.org/rabbit/
> today's fortune
> Having nothing, nothing can he lose.
> -- William Shakespeare, "Henry VI"
>
>
_______________________________________________________
Novidade no Yahoo! Mail: receba alertas de novas mensagens no seu
celular. Registre seu aparelho agora!
http://br.mobile.yahoo.com/mailalertas/
__._,_.___
SPONSORED LINKS
Rabbit |
Microprocessor architecture |
Microcontrollers |
Embedded module |
__,_._,___
Reply by ●November 6, 20062006-11-06
Still the exchange of data opens up the possibility of hacking and
bypassing if you program another PIC to look for the original code and
respond properly.
Think again.
The ultimate solution is to have all of the security one a single slice
of silicon.
If you come up with a solutions in which you believe that it can not be
broken, then send it to me and for a fee I will break the system and
send you a duplicate system.
It will cost you!
Security keeps the honest people honest, but good security keeps the
crooks out!
JIMA
np np wrote:
cite="m...@web27408.mail.ukl.yahoo.com"
type="cite">
You can use OTP parts, they are very cheap.
The PIC and rabbit talk to each other.
The rabbit polls the PIC and the PIC sends it a number.
The rabbit does a calculation on the number and replies with the
answer to the PIC.
answer to the PIC.
If the answer is wrong the PIC hangs stopping the rabbit from
continuing.
continuing.
The PIC could even hold the rabbit in reset.
IDES <jima@idesolutions.us> wrote:
style="border-left: 2px solid rgb(16, 16, 255);">
The "security bit" on the PIC with flash is not a secure way
to protect the program memory data.
Only the older OTP devices can be secure, if the developer has zeroed
all of the unused memory locations to prevent the user from over laping
a dump program.
But you still have a problem with the electrical link which exist
between the PIC and the Core module which can be hacked.
The solution is to have Rabbit add the hardware encryption module
internally to the Rabbit MPU, and to the Compiler.
It would not be that big a deal if done properly, and then Rabbit can
sell the MPUs to DOD contracts.
JIMA
Scott Henion wrote:
to protect the program memory data.
Only the older OTP devices can be secure, if the developer has zeroed
all of the unused memory locations to prevent the user from over laping
a dump program.
But you still have a problem with the electrical link which exist
between the PIC and the Core module which can be hacked.
The solution is to have Rabbit add the hardware encryption module
internally to the Rabbit MPU, and to the Compiler.
It would not be that big a deal if done properly, and then Rabbit can
sell the MPUs to DOD contracts.
JIMA
Scott Henion wrote:
jmsardon01 wrote:
> I'm thinking that a single technique can be use the MAC address if
you
> have a Rabbit Board with Ethernet. Every you compile, you can put a
> define with the MAC address, then in the program read the MAC and
> compare. Also you can 'obscure' the data to make more difficult to
> decrypt.
> If you don't produce much units it can be a useful technique, but
> not very very secure. I think, as another people in this list, that
> all encryption are vulnerable if you make the sufficient effort.
>
That will not work as the MAC is also stored in th flash. You can still
copy the entire flash. You would have a board with the same MAC address.
I like the idea of a PIC processor programmed to match the MAC and also
has its security bit set so it can not be copied.
------------------------------------------
| Scott G. Henion| shenion@shdesigns.org
|
| Consultant | Stone Mountain, GA |
| SHDesigns http://www.shdesigns.org
|
------------------------------------------
Rabbit libs: http://www.shdesigns.org/rabbit/
today's fortune
Having nothing, nothing can he lose.
-- William Shakespeare, "Henry VI"
Send instant messages to your online friends http://uk.messenger.yahoo.com
__._,_.___
SPONSORED LINKS
Rabbit |
Microprocessor architecture |
Microcontrollers |
Embedded module |
__,_._,___
