CCS C Software and Maintenance Offers
FAQFAQ   FAQForum Help   FAQOfficial CCS Support   SearchSearch  RegisterRegister 

ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

CCS does not monitor this forum on a regular basis.

Please do not post bug reports on this forum. Send them to CCS Technical Support

Encrypt data for bootloader

 
Post new topic   Reply to topic    CCS Forum Index -> General CCS C Discussion
View previous topic :: View next topic  
Author Message
Kasper



Joined: 14 Jan 2004
Posts: 88
Location: Aurora, Ontario, Canada

View user's profile Send private message Visit poster's website

Encrypt data for bootloader
PostPosted: Tue May 04, 2004 1:43 pm     Reply with quote

I have just made the bootloader ( Loader.c) work. yay. now my boss wants me to make it so that the data send to it is encrypted so that it is not possible for "the bad guys" to just take the hex file and load it in a controller and have the whole project copied.
I was thinking of xor-ing everything in the file with some "secret" character, then have the microcontroller xor it back to normal after reception.. has anyone tried this.. any issues to watch for... any problems?.. any better ways to encrypt the data?

Thanks in Advance

Kasper[/code]
Haplo



Joined: 06 Sep 2003
Posts: 659
Location: Sydney, Australia

View user's profile Send private message

PostPosted: Tue May 04, 2004 6:03 pm     Reply with quote

As long as you XOR each byte of the data back to normal right after receiving it (before putting in the buffer), it should be fine. That section of Loader.C will look something like this:

Code:

do
{
        temp=getc() ;
        temp^=0x55; //Or any arbitrary number
        buffer[buffidx] = temp;
}
 while ( (buffer[buffidx++] != 0x0D) && (buffidx <= BUFFER_LEN_LOD) );



On the PC side, have you written your own uploader or are you using CCS' "Serial Port Monitor"? If you just encrypt the HEX file and then feed it to Serial Port Monitor it may not work because that program may be using CR/LFs to read a full line and send it to the PIC, but XORing will destroy CR/LFs.
Guest
Guest







Recursion
PostPosted: Tue May 04, 2004 8:13 pm     Reply with quote

Use some form of recursion
hillcraft



Joined: 22 Sep 2003
Posts: 101
Location: Cape Town (South africa)

View user's profile Send private message Send e-mail Visit poster's website

Code protection and bootloaders
PostPosted: Wed May 05, 2004 12:52 am     Reply with quote

As far as I am aware bootloaded pics have serious code protection issues.

It seems that the pic can have code protection on / off for the entire pic including the bootloader. This means that if you have et the code protect flag after you have loaded your code, you cannot reload the code without reloading the entire bootloader. This kinda defeats the object of using a bootloader - does it not?
Ttelmah
Guest







Re: Encrypt data for bootloader
PostPosted: Wed May 05, 2004 2:39 am     Reply with quote

Kasper wrote:
I have just made the bootloader ( Loader.c) work. yay. now my boss wants me to make it so that the data send to it is encrypted so that it is not possible for "the bad guys" to just take the hex file and load it in a controller and have the whole project copied.
I was thinking of xor-ing everything in the file with some "secret" character, then have the microcontroller xor it back to normal after reception.. has anyone tried this.. any issues to watch for... any problems?.. any better ways to encrypt the data?

Thanks in Advance

Kasper[/code]

To encrypt, requires that you 'structure' your code in a fairly particular way. You need to have the bootloader, which lives in the first area of the ROM. This has to be set to have code protection, and write protection enabled. You then encrypt your data at a level that is dependant on the protection required (you seem to be assuming that people will have access to your file - do you trust the people who will upgrade the systems or not - if you trust the 'upgraders', then encryption of the data is pointess - otherwise your 'code' can range from a simple sequential 'XOR' with a data pattern, through to multi-element polynomial encryption, but remember that the decoding algorithm needs to live in the bootblock, and hence the size will be fairly limited). Then you obviously have to have code protection enabled across the chip, but leave write protection disabled (otherwise the bootloader can't program the chip). I'd look at XORing with a byte pattern, starting at the beginning of the data and working forwards, then when the pattern expires, use the results of encryption so far, as the new pattern for the next 'block' (keep the pattern and block size small, like 8/16 bytes, to make the encoder/decoder fairly small as well). Then the decoder, needs only to know the first pattern word, and the result is much less predicatable than a single byte XOR. You could also have a small number of patterns, selected by the first character of the incoming data, to reduce the probability that somebody can 'spot' a pattern. It is also worth considering re-ordering the hex data, since otherwise the first line becomes relatively 'predictable', making is available as a 'crib' for cracking your code. Given that the Intel format, allows the lines to be in allmost any order, scrambling the lines, massively reduces this route to cracking the data (though the first few bytes on each line, still leave a hole...).

Best Wishes
Kasper



Joined: 14 Jan 2004
Posts: 88
Location: Aurora, Ontario, Canada

View user's profile Send private message Visit poster's website

PostPosted: Wed May 05, 2004 4:06 pm     Reply with quote

Thanks Smile

I will try and implement some simple XOR encryption tomorrow.. today was getting the windows software working.. I will put it up for download if anyone is interested.. source and all in VB.. all it does is the same as the CCS showio, if even that, but it works Smile
hillcraft



Joined: 22 Sep 2003
Posts: 101
Location: Cape Town (South africa)

View user's profile Send private message Send e-mail Visit poster's website

Bootloader software
PostPosted: Wed May 05, 2004 11:04 pm     Reply with quote

Hi Kasper,

Yes, please pulish the bootloader software, I would love to see how it works. If the copy protection works I would most certainly implement it in my product.
Kasper



Joined: 14 Jan 2004
Posts: 88
Location: Aurora, Ontario, Canada

View user's profile Send private message Visit poster's website

PostPosted: Thu May 06, 2004 2:28 pm     Reply with quote

Here is a link to my simple bootloader + source in VB6

http://www.kmpeng.com/Flasher.zip

it still has little error handeling in it, and I have not build any encryption in, but it will load hex files to your PIC just as well as the SIOW program from CCS.
it will time out if there is no response from the PIC in 2 seconds, so make sure it is in boot mode before sending stuff to it Smile

Feel free to use this code to make a pretty interface for your end users, or use it as is.

Only thing.. if you add usefull functionality to it, please share the code Smile

standard disclaimer.. I will not be held responsible for any damage this file will do in the wild ( none as far as I can tell) .. so if you are nervous, open up the source and compile for yourself.. VB6 SP5
Display posts from previous:   
Post new topic   Reply to topic    CCS Forum Index -> General CCS C Discussion All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group