Sunday 13 November 2016

Securing code on an AVR/Arduino and delivering updates




  1. What is the best way to protect code flashed onto any AVR based device from reverse engineering?

  2. What is an easy way to provide updates to end users to flash on their own without disclosing the code? (Is it with a bootloader that decrypts an encrypted image?)


Don't flame me for promoting DRM, I am in favor of open platforms--I am just curious how this would work.



Answer



First:


There are fuses on the chip that can be set to prevent external tools from reading the code off the chip. Look for the protection fuses in your datasheet and/or programmer documentation.


It's not perfect, but it protects you from simple attacks.


Second:



You cannot download firmware securely. The AVR cannot self-program protected areas:


http://www.atmel.com/dyn/resources/prod_documents/doc1644.pdf


The best you might be able to do is to use an encrypted token language (such as basic, or forth) and have the interpreter protected on the chip with a bootloader that can program the encrypted tokens into an open area. When running, the chip would decrypt and execute the instructions on the fly.


-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

arduino - Can I use TI's cc2541 BLE as micro controller to perform operations/ processing instead of ATmega328P AU to save cost?

I am using arduino pro mini (which contains Atmega328p AU ) along with cc2541(HM-10) to process and transfer data over BLE to smartphone. I...