| View previous topic :: View next topic |
| Author |
Message |
Trampas
Joined: 04 Sep 2004
Posts: 89
Location: NC
|
| Code proctection and firmware updates? |
 Posted: Sun Sep 26, 2004 8:43 am |
 |
|
I am trying to figure out the best way to do code proctection and allow a firmware update.
First I have been reading the data sheets on the code protection bits, did anyone ever mention that Microchip data sheets are not clear? So here is what I can figure out:
The Code Protection bits (CPx) do not allow external read and writes of the program memory.
The Write-Protect bits (WRTx) do not allow program to write to program memory.
The External Block Table Read Bit (EBTRx) do not allow a block of program memory to be read from outside of it's block.
So I was thinking that I will need to set the CPx bits, but not WRTx and EBTRx bits. This way my loader can read/write program memory.
Now assuming that I have encryption of the data and that the encrypted updates are loaded into external flash memory. Then on power up the PIC checks external flash for vaild program. Then decrypts data and loads(program) into PIC. What is the risk that the program can be compromised? I am looking for a difficulty rating from 0-easy to 10-impossible, assuming my encryption algorithm is 128-bit encryption. With the keys stored in program memory with the bootloader.
Basically I am looking for something that will take cost more than $10k to crack. Heck for $10k I would consider selling the code. Is the CPx bits relativly secure?
Thanks
Trampas |
|
 |
Yashu
Joined: 08 Oct 2003
Posts: 26
|
| Re: Code proctection and firmware updates? |
| Posted: Tue Sep 28, 2004 5:59 pm |
|
|
| Trampas wrote: | I am trying to figure out the best way to do code proctection and allow a firmware update.
First I have been reading the data sheets on the code protection bits, did anyone ever mention that Microchip data sheets are not clear? So here is what I can figure out:
The Code Protection bits (CPx) do not allow external read and writes of the program memory.
The Write-Protect bits (WRTx) do not allow program to write to program memory.
The External Block Table Read Bit (EBTRx) do not allow a block of program memory to be read from outside of it's block.
So I was thinking that I will need to set the CPx bits, but not WRTx and EBTRx bits. This way my loader can read/write program memory.
Now assuming that I have encryption of the data and that the encrypted updates are loaded into external flash memory. Then on power up the PIC checks external flash for vaild program. Then decrypts data and loads(program) into PIC. What is the risk that the program can be compromised? I am looking for a difficulty rating from 0-easy to 10-impossible, assuming my encryption algorithm is 128-bit encryption. With the keys stored in program memory with the bootloader.
Basically I am looking for something that will take cost more than $10k to crack. Heck for $10k I would consider selling the code. Is the CPx bits relativly secure?
Thanks
Trampas |
Protection bits work OK. I do exactly what you plan on doing...except, the 128-bit encryption. I use simple "z-1" xor/and type of recursive algorithm. It's only to keep honest people honest.
If they want to try to reverse engineer my op-code,... go right ahead... personally, I feel it's easier to just write your own code instead of leeching on some elses'... esp. if there's no comments and it's in assembly. |
|
|
Haplo
Joined: 06 Sep 2003
Posts: 659
Location: Sydney, Australia
|
| Re: Code proctection and firmware updates? |
| Posted: Tue Sep 28, 2004 6:26 pm |
|
|
| Yashu wrote: |
If they want to try to reverse engineer my op-code,... go right ahead... personally, I feel it's easier to just write your own code instead of leeching on some elses'... esp. if there's no comments and it's in assembly. |
Reverse-engineering the code that was compiled from a C source is not very easy, especially if the code is big and especially if the code is compiled by CCS.
I thought about encrypting the code once but then I thought if those guys are smart enough to reverse-engineer my code successfully then they deserve to have it  |
|
|
Yashu
Joined: 08 Oct 2003
Posts: 26
|
| Re: Code proctection and firmware updates? |
| Posted: Tue Sep 28, 2004 6:32 pm |
|
|
[quote="Haplo"] | Yashu wrote: |
I thought about encrypting the code once but then I thought if those guys are smart enough to reverse-engineer my code successfully then they deserve to have it |
touchee... and if they can reverse engineer it, they should call me too..... so I can hire them. |
|
|
|
FAQ 
Search
Register
Profile 
Log in to check your private messages 
Log in
