Shop OBEX P1 Docs P2 Docs Learn Events
Encrypting SD Card data — Parallax Forums

Encrypting SD Card data

BigFootBigFoot Posts: 259
edited 2011-03-04 15:47 in Propeller 1
Our PoS Terminals use a 2 Gig SD card to store student account data and photos. We
are looking at different ways to encrypt this data to protect the students information.

We have looked at different firmware solutions from simple encryption to full blown AES.
We are also looking for a simple hardware biased solution and I was wondering if any
of you guys know of a chip that will encrypt the data to the card ?

Comments

  • Heater.Heater. Posts: 21,230
    edited 2011-03-04 07:40
    Keeping all that sensitive data on a POS terminal just seems like a bad idea. What could possibly go wrong?
  • Mike GreenMike Green Posts: 23,101
    edited 2011-03-04 07:54
    Why not just use the existing random (?) function in Spin? I don't know how you're transferring the data back and forth, whether you're using random access to the file or what, but you could use something unique about each student record, like the address on the card of the record, as the starting value for RANDOM, XOR each long of the record with the "next" random number, etc. Other options include using successive portions of a key as the starting value for the random function ... the 1st 4 bytes for the random function for the 1st 4 bytes of the record, then the 2nd 4 bytes of the key for the 2nd 4 bytes of the random function, repeating this as needed for the entire student record using the last output of the random function as the starting point for the next. This isn't "strong" cryptography, but would protect the data against all but the most sophisticated analysis.
  • BigFootBigFoot Posts: 259
    edited 2011-03-04 07:56
    It is just temporary storage, each night the terminals are updated from the schools server. It was the only way
    to get the speed up.
  • BigFootBigFoot Posts: 259
    edited 2011-03-04 11:11
    Thanks Mike,

    We are talking about doing something very similar but have very little space left in the main program.
    This is why I was wondering if anyone knew of a hardware solution. I sure hope the Prop2 chip comes
    out soon.
  • Mike GreenMike Green Posts: 23,101
    edited 2011-03-04 12:01
    For the simplest case, you're not talking about much. You could take the low level SD card read/write routines and write a "wrapper" that calls them and either encodes or decodes a byte based on its position in the file plus maybe a fixed key compiled into the program. Your program would call the "wrapper" method which would then call the original byte read/write routine. We're talking about a few lines of additional code and changing calls to the SD card byte I/O.
  • RaymanRayman Posts: 14,880
    edited 2011-03-04 15:47
    There might be a couple of ideas for you in this PIC appnote:
    http://ww1.microchip.com/downloads/en/AppNotes/00953a.pdf
Sign In or Register to comment.