In your example, the cypher PIC would work more to prevent execution of code on a Propeller that's not equipped with it than to prevent someone from inspecting the plaintext code itself. Do I understand that correctly?
Some tricky games·could be played, like unscrambling the code that does the checks at runtime, based on the results of other·executed code. You could make it very convoluted if you wanted to. What do you think, Phil? So people could copy the EEPROM, but unless they had a multi-level runtime understanding of the code, they couldn't make it all work without the secret cypher PIC.
Uh oh! What if someone made a full-chip Propeller simulator that had live I/O pins? They could then watch the cypher interaction and see where it was coming from. It could still be a·ball of snakes to unravel, though. I guess their difficulty could only be made proportional to your own, then.
There probably isn't anything that's totally secure, but the kind of labyrinth you're proposing would certainly slow people down, stopping all but the most intrepid. How much is enough, I wonder?
For example, I'm privy to a communication protocol that I signed an NDA for 15 years ago. It's for communicating with a certain company's PLCs, and — unbelieveably — it's still under wraps. Now, if I wanted the Propeller to communicate with that company's equipment, how many twists and turns would I have to incorporate to pass the "all reasonable measures" test? (This is notwithstanding any attempts to infer the protocol by tapping the communication lines to the PLC.)
For me, at least, it's more important to be able to use someone else's components that might be encumbered thus, than it is to protect my own code. And that carries with it a legal test for reasonableness that any security measures would have to pass, and which surpasses anything I'd be satisfied with on my own. Now if I could say, "These measures withstood an offer of $10,000 to crack them which has been on the table for two years," that would probably be adequate.
Well, you could take two snapshots of cnt and make sure the right number of cycles passed... then it would require a cycle-accurate emulator; which you could likely defeat by throwing in some waitcnt's and hub accesses *knowing* how many cycles you ought to miss; not likely that emulators would be able to emulate even hub interactions that closely without running in really big really fast FPGA's...
Incidentally this code protection - or lack thereof - really is limiting the Propeller; I also can't use it for some work for clients precisely because of it.
(btw, I PM'd you about a week ago... please respond)
Chip Gracey (Parallax) said...
Uh oh! What if someone made a full-chip Propeller simulator that had live I/O pins? They could then watch the cypher interaction and see where it was coming from. It could still be a·ball of snakes to unravel, though. I guess their difficulty could only be made proportional to your own, then.
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔ www.mikronauts.com - a new blog about microcontrollers
Now if I could say, "These measures withstood an offer of $10,000 to crack them which has been on the table for two years," that would probably be adequate.
Not that I expect such an offer ever to be made!
Hey, we could do this! $10k is not too much to risk for something of this magnitude. The most important thing is that it never has to get paid, because nobody ever breaks the scheme. That would be worth a lot more than $10k. I am going to think more about this.
Is it practical to have a EEPROM or semi-EEPROM boot loader in the next versions of the prop?
That way when you program the main EEPROM you could "randomize" the data order and also store some key to this randomization in the prop. The prop would then read the data out in a truly random fashion and reassemble internally using the key.
Back in 1991 cash prizes were offered by RSA Labortories in a series of challenges to factor products of two large primes. Being able to do so would make it possible to crack RSA's public key crytosystems. Failure would lend support to the system's perceived security. The larger numbers remain unfactored to this day.
I guess this is what was in the back of my mind when I made my rather offhand comment. It wasn't meant to be taken seriously. Honest!
Well, what do you guys think of·the $.39·dongle approach? Is it too bothersome that the EEPROM would be unscrambled, even though you could stop your application if the dongle wasn't detected? I think this comes down to a perceptual issue, more than a security issue.
Phil Pilgrim (PhiPi) said...
Back in 1991 cash prizes were offered by RSA Labortories in a series of challenges to factor products of two large primes. Being able to do so would make it possible to crack RSA's public key crytosystems. Failure would lend support to the system's perceived security. The larger numbers remain unfactored to this day.
I guess this is what was in the back of my mind when I made my rather offhand comment. It wasn't meant to be taken seriously. Honest!
-Phil
Phil, Are you referring to the RC5-56 or the RC5-64 challenges - both of the key's were cracked. Of course it only required a few thousand computers, each processing tens of thousands of keys per second, a couple of years to find the keys www.distributed.net/rc5/
I think he's referring to http://www.rsa.com/rsalabs/node.asp?id=2093 where you factor a number that has only two prime factors. The numbers were supposedly generated via a random number generator with a secret seed that was later destroyed to ensure the numbers would be unique.
Back on topic: I think the cypher key system would probably be the best method since putting a slow PIC in between a eeprom and the propeller would probably screw up timing not to mention would likely violate i2c patents. But if you did manage to get it working in between then it would be wonderful to be able to have 'out of order' loading with a custom bootloader. This would confuse the hacker a bit more.
Harrison
Post Edited (Harrison.) : 3/16/2007 5:46:11 PM GMT
Chip,
It sounds good ..... and a cheap option - I think it all boils down to the complexity of the app to be protected - personal view is that if somebody was so devoid of ideas and had to copy/clone - then they can't really be considered a serious threat ..
Quattro
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔ 'Necessity is the mother of invention'
It is not about being devoid of ideas. It is about putting your company's soul on the market. Many companies have worked many years to develop and perfect solutions to certain problems. Take the alignment of a truck and its wheels after a collision as an example. One company I work with has patented the method (rather high-level math involved) and then continued to refine their method to account for second order and third order effects like springing back and settling when put on the road again. That is experience and know-how - not something that can be patented. Years and years of research and experience goes into that. The method works very well and no other company comes close to the result they get from their computerised alignment benches. A company like that does not want anyone to read the code and clone their products. It is very real and not something to be judged from an "uh, he isn't very smart - not a threat" point of view.
And, yes. That dongle sounds to be a good solution. I am not man enough to judge if it is a VERY SAFE solution, but fair enough, I think. There are surely others around that can judge the level of safety. But I could use it and my customers would be happy. Putting a fence is often enough. Even an electric fence - without voltage in it - keeps people away.
Perception is worth $.39 extra, in many cases the added cost could be higher, depending of the margins and what is needing protection. Even a $20 part could be justified on high ticket items, if it did provide some substantial degree of protection, enough to make someone put real energy into solving it.
I will even remove the markings on the top of the PIC, and laser or screen "SecureProp"
Post Edited (originator) : 3/16/2007 10:13:34 PM GMT
Regardless of anyones position on the right or wrong of open source, there are many applications where such encryption is mandatory and useful.
1. Secure entry systems
2. Subscriber based systems(pay based on the length of time the device is needed, else it stops)
3. Anti theft technology(numerous cases of this use)
Protecting code is up to the company/designer and their position on open source
Protecting assets, real property and secure data is another thing.
Post Edited (originator) : 3/16/2007 11:53:14 PM GMT
There are some secure EEPROMS available. The one below is quite small, maybe there are more relevent parts available. Somebody just happened to send me a link to this for some reason that I can't remember. I haven't looked into it too closely, but it looks interesting on the surface. Maybe a future propeller could support some related part.
Anyone interested in developing their own crypto should take a look at Schneier's Self-Study Course in Block Cipher Cryptanalysis and read a few of his Cryptogram back issues just to see the skill level of the people who will trying to crack your system, and some examples of poorly designed systems.
What if in the case you had a bladder with eching acid (like for making circuit boards) in it so that if someone tried to drill into it would burn up the EEPROM? So that instead of these complex software fixes all you have to do is put this bladder in the case.
Or you could set it up so that if it is run on AC if the case is opened and then plugged in it will send a ten millisecond pulse of 110 volts AC right thru the EEPROM
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
lets see what this does... KA BOOM (note to self do not cross red and black)
boeboy,
All of these have been tried at one point or another. In the first case, it wasn't a bladder with acid, but a coating on the chip itself that would react with oxygen if the chip were exposed to the air. That might work if you had only one device that was ever built, but we're talking about lots of them. A thief would just buy another and find a different way to open the case (or chip). In the case of the chip coating, you'd just open it in a vacuum or under nitrogen without any oxygen in it. The same thing would be true with the electrical self-destruct. You'd just buy another unit and not plug it in.
Also, these days, you could x-ray the box using a high resolution CT scanner and check out what mechanisms were present before trying to open it or plug it in.
well I can think of a simple upgrade to the "pot the lot" security method. If an abrasive is added to the potting compound, machining off the potting compound now becomes VERY hard on metal tooling. (some really fine sand or Alumina abrasive powder would work well) Still won't stop someone determined but it will slow them down some. (and destroy a lot of cutting tools Heck if the abrasive is chosen right it could also blur any x-ray pictures taken.
This thread is becoming more and more like how to build a BOMB...
The fact is that there are many different methods to make it hard to copy something.
Now a customer that wants to CODE PROTECT his baby and wants to buy lots of them
ie HIGH OEM customer or who really cares ... is not going to POT or do any of the above mentioned
methods.. 2 time consuming 2 expensive...( is aluminium not a conductor...)
The argument these people have is that ..why can we code protect a 39 cts "OTHER BRAND DEVICE"
and not the AWESOME PROPELLER... ( we know it is the way it was done ... yes let not go there again)
For those that frequent this FORUM should by now know that I and most of us love the OPEN SOURCE format.
So do not please make me feel quilty of double stds..
When a customer demands CODE PROTECTION he wants the real deal ..
I pray to our Dear LORD that the next PROPELLER has it ... might even say a special prayer today in church.
Yep AMEN is the last word normally I forgot 2 include that.
It's all your fault you started this thread...
Look up the true meaning of the word "AMEN" and you will be surprised.
Hey Skogs enjoy.. have a great day over and out on this issue ...
I was looking forward to Chip's 'solution' using that 39¢, 6-pin PIC solution.
Yes, for some, such protection of the code is important. None of my applications would, but I understand the dilemna. Man, would a low-cost solution for the Propeller be a breakthrough for those who (think they) need it.
Comments
In your example, the cypher PIC would work more to prevent execution of code on a Propeller that's not equipped with it than to prevent someone from inspecting the plaintext code itself. Do I understand that correctly?
-Phil
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
Paul Baker
Propeller Applications Engineer
Parallax, Inc.
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
Chip Gracey
Parallax, Inc.
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
Chip Gracey
Parallax, Inc.
There probably isn't anything that's totally secure, but the kind of labyrinth you're proposing would certainly slow people down, stopping all but the most intrepid. How much is enough, I wonder?
For example, I'm privy to a communication protocol that I signed an NDA for 15 years ago. It's for communicating with a certain company's PLCs, and — unbelieveably — it's still under wraps. Now, if I wanted the Propeller to communicate with that company's equipment, how many twists and turns would I have to incorporate to pass the "all reasonable measures" test? (This is notwithstanding any attempts to infer the protocol by tapping the communication lines to the PLC.)
For me, at least, it's more important to be able to use someone else's components that might be encumbered thus, than it is to protect my own code. And that carries with it a legal test for reasonableness that any security measures would have to pass, and which surpasses anything I'd be satisfied with on my own. Now if I could say, "These measures withstood an offer of $10,000 to crack them which has been on the table for two years," that would probably be adequate.
Not that I expect such an offer ever to be made!
-Phil
Incidentally this code protection - or lack thereof - really is limiting the Propeller; I also can't use it for some work for clients precisely because of it.
(btw, I PM'd you about a week ago... please respond)
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
www.mikronauts.com - a new blog about microcontrollers
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
Chip Gracey
Parallax, Inc.
That way when you program the main EEPROM you could "randomize" the data order and also store some key to this randomization in the prop. The prop would then read the data out in a truly random fashion and reassemble internally using the key.
Graham
This is getting quite interesting ....
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
'Necessity is the mother of invention'
I guess this is what was in the back of my mind when I made my rather offhand comment. It wasn't meant to be taken seriously. Honest!
-Phil
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
Chip Gracey
Parallax, Inc.
Phil, Are you referring to the RC5-56 or the RC5-64 challenges - both of the key's were cracked. Of course it only required a few thousand computers, each processing tens of thousands of keys per second, a couple of years to find the keys www.distributed.net/rc5/
Back on topic: I think the cypher key system would probably be the best method since putting a slow PIC in between a eeprom and the propeller would probably screw up timing not to mention would likely violate i2c patents. But if you did manage to get it working in between then it would be wonderful to be able to have 'out of order' loading with a custom bootloader. This would confuse the hacker a bit more.
Harrison
Post Edited (Harrison.) : 3/16/2007 5:46:11 PM GMT
It sounds good ..... and a cheap option - I think it all boils down to the complexity of the app to be protected - personal view is that if somebody was so devoid of ideas and had to copy/clone - then they can't really be considered a serious threat ..
Quattro
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
'Necessity is the mother of invention'
And, yes. That dongle sounds to be a good solution. I am not man enough to judge if it is a VERY SAFE solution, but fair enough, I think. There are surely others around that can judge the level of safety. But I could use it and my customers would be happy. Putting a fence is often enough. Even an electric fence - without voltage in it - keeps people away.
Its my 'opinion' - as stated ...
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
'Necessity is the mother of invention'
I will even remove the markings on the top of the PIC, and laser or screen "SecureProp"
Post Edited (originator) : 3/16/2007 10:13:34 PM GMT
Do you have anything against me saying what I say?
This is an important issue for many of us. And I think that the discussion here is valuable.
Is that wrong?
1. Secure entry systems
2. Subscriber based systems(pay based on the length of time the device is needed, else it stops)
3. Anti theft technology(numerous cases of this use)
Protecting code is up to the company/designer and their position on open source
Protecting assets, real property and secure data is another thing.
Post Edited (originator) : 3/16/2007 11:53:14 PM GMT
http://www.maxim-ic.com/quick_view2.cfm/qv_pk/2914
Anyone interested in developing their own crypto should take a look at Schneier's Self-Study Course in Block Cipher Cryptanalysis and read a few of his Cryptogram back issues just to see the skill level of the people who will trying to crack your system, and some examples of poorly designed systems.
http://www.schneier.com/paper-self-study.html
These are two completely different issues. That is what I have been trying to say for quite a while. I see no problem in supporting both.
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
Chip Gracey
Parallax, Inc.
Or you could set it up so that if it is run on AC if the case is opened and then plugged in it will send a ten millisecond pulse of 110 volts AC right thru the EEPROM
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
lets see what this does... KA BOOM (note to self do not cross red and black)
All of these have been tried at one point or another. In the first case, it wasn't a bladder with acid, but a coating on the chip itself that would react with oxygen if the chip were exposed to the air. That might work if you had only one device that was ever built, but we're talking about lots of them. A thief would just buy another and find a different way to open the case (or chip). In the case of the chip coating, you'd just open it in a vacuum or under nitrogen without any oxygen in it. The same thing would be true with the electrical self-destruct. You'd just buy another unit and not plug it in.
Also, these days, you could x-ray the box using a high resolution CT scanner and check out what mechanisms were present before trying to open it or plug it in.
My 2 cents,
Marty
The fact is that there are many different methods to make it hard to copy something.
Now a customer that wants to CODE PROTECT his baby and wants to buy lots of them
ie HIGH OEM customer or who really cares ... is not going to POT or do any of the above mentioned
methods.. 2 time consuming 2 expensive...( is aluminium not a conductor...)
The argument these people have is that ..why can we code protect a 39 cts "OTHER BRAND DEVICE"
and not the AWESOME PROPELLER... ( we know it is the way it was done ... yes let not go there again)
For those that frequent this FORUM should by now know that I and most of us love the OPEN SOURCE format.
So do not please make me feel quilty of double stds..
When a customer demands CODE PROTECTION he wants the real deal ..
I pray to our Dear LORD that the next PROPELLER has it ... might even say a special prayer today in church.
Ronald Nollet OZ
And I hope that this is the end of this week's preaching.
Yep AMEN is the last word normally I forgot 2 include that.
It's all your fault you started this thread...
Look up the true meaning of the word "AMEN" and you will be surprised.
Hey Skogs enjoy.. have a great day over and out on this issue ...
Ronald
I was looking forward to Chip's 'solution' using that 39¢, 6-pin PIC solution.
Yes, for some, such protection of the code is important. None of my applications would, but I understand the dilemna. Man, would a low-cost solution for the Propeller be a breakthrough for those who (think they) need it.
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
Harley Shanko
h.a.s. designn