Hello,
How hard is it really to backward engineer a .hex file distributed as part of a software update, and extract from it useful information about IP (I know there are decompilers available for practically all platforms but I never really used one)? I was considering encoding a software update file, decoding the data on the controller before IAP - but is it worth it?
I was considering encoding a software update file, decoding the data on the controller before IAP - but is it worth it?
Hardly. Any decoding that your update loader can do can quite probably be worked around by a dedicated attacker.
The question is the same as always: how badly do you assume your attacker wants those secrets? In other words, who are you trying to protect yourself against: a random script kiddie or a professional attacker with considerable resources?
Look at the security measures of the game consoles. Look at the history of hacking of them...
Look at the security of DVD and BluRay movies. Look at the history of hacking the content protection...
There must be a real gain from cracking something before the people you should be worried about will home in on your products. But when they do home in, it's time to be really worried.
History has shown that just about anything can be hacked.
Another thing - there are companies out there who openly anounces that they sell reverse-engineering services, including extraction of the contents from read-protected processors.
We have a product specifically made for a market that it known to be infested with piracy, theft (sometimes government financed) and cheating. Some behavior of the discussed software if truly unique, allowing interfacing with equipment that seeks exactly that kind of behavior. But in the mean time, the off-shore manufacturer itself is demanding a slice of the IP, so it does not seem to head there...
I was thinking of something really nasty, like RSA over a 1024 bits key. If I can place the decoding key in a CRP enabled bootloader, assuming it cannot be hacked, and the bootloader programmed at a safe location, maybe I can frustrate an attacker...
Bypassing CRP - see here:
water.cse.unsw.edu.au/.../crp-security.html
assuming it cannot be hacked wrong assumption
anything can be hacked, the only issue is "is the cost of hacking it value for money"
you may want to have a gander at the Dallas "secure micros". Then google to see who and for much it is offered to hack them
Erik
If you really don't want people to crack it, just make your product so bad that people won't want it.