Hello,
How hard is it really to backward engineer a .hex file distributed as part of a software update, and extract from it useful information about IP (I know there are decompilers available for practically all platforms but I never really used one)? I was considering encoding a software update file, decoding the data on the controller before IAP - but is it worth it?
We have a product specifically made for a market that it known to be infested with piracy, theft (sometimes government financed) and cheating. Some behavior of the discussed software if truly unique, allowing interfacing with equipment that seeks exactly that kind of behavior. But in the mean time, the off-shore manufacturer itself is demanding a slice of the IP, so it does not seem to head there...
I was thinking of something really nasty, like RSA over a 1024 bits key. If I can place the decoding key in a CRP enabled bootloader, assuming it cannot be hacked, and the bootloader programmed at a safe location, maybe I can frustrate an attacker...
Bypassing CRP - see here:
water.cse.unsw.edu.au/.../crp-security.html
assuming it cannot be hacked wrong assumption
anything can be hacked, the only issue is "is the cost of hacking it value for money"
you may want to have a gander at the Dallas "secure micros". Then google to see who and for much it is offered to hack them
Erik
If you really don't want people to crack it, just make your product so bad that people won't want it.