I was thinking it would be kind of fun to use an ATTiny to store a one-time pad for sending and receiving a secret message. Instead of cracking open a vial with a rolled-up paper like they do in the movies, you'd crack open a vile, insert the chip into a device with a TTL-to-usb chip on it, and either decode a message or compose a message from a terminal program on a PC.
One time pad encryption is unbreakable, so you'd get a lot of geek cred :).
I was curious as to how secure an AVR chip is from tampering? I know you can set the fuses to keep anyone from reading the code in flash on the chip, but could someone with the right tools open up the chip, access the flash somehow and read the contents?
I'm thinking I'd password protect the functionality to send/receive messages and count the number of bad attempts via EEPROM. If there were a certain number of failed attempts, the program would stop working.
Nothing I do is particularly secret, but I thought it might be fun. I have a couple nephews that might get a kick out of communicating that way.
shawnlg:
I was curious as to how secure an AVR chip is from tampering? I know you can set the fuses to keep anyone from reading the code in flash on the chip, but could someone with the right tools open up the chip, access the flash somehow and read the contents?
No. Well, aliens from the future, maybe. But the manufacturer may have left a back door open to comply with government agencies. They wouldn't be allowed to talk about it.
dave-in-nj:
any memory chip can be opened and the contents read if 'they' have the actual chip.
memory is a physical thing that can be seen under a microscope.
but, you can encrypt the bejeebers out of it and make it so an ordinary person cannot read it.
Really? I doubt that you could capture the cell charge states especially after the whole thing has been soaked overnight in nitric acid.
I know you can look at rom under a microchip since it is created by a mask to create the circuit. But flash just has electrical charges, so I would think that would be tough. An ATTiny might take awhile to decrypt. Plus I want to keep it simple.
I'm not an encryption expert, but there are lots of well-known encryption techniques/algorithms. Some are simple (such as XOR or character replacement) and some are very advanced that take a super computer years to crack.
If there were a certain number of failed attempts, the program would stop working.
That seems to be working very-well for the iPhone!
It's one thing to make a "game" that your nephews could have fun with - but who would be likely to take any serious trouble to try to crack their code? (Or, what would be the point of making any serious encryption system)
It's quite another thing to make a code that the CIA or their Russian or Chinese counterparts cannot crack. I doubt if it is possible with an Arduino.
Robin2:
It's one thing to make a "game" that your nephews could have fun with - but who would be likely to take any serious trouble to try to crack their code? (Or, what would be the point of making any serious encryption system)
It's quite another thing to make a code that the CIA or their Russian or Chinese counterparts cannot crack. I doubt if it is possible with an Arduino.
...R
They did it with paper, pencil, and a one-time-use encryption pad on submarines (according to the movies anyway) so the same scheme could easily be done on the Arduino. This type of encryption is unbreakable so long as no outsider has the encrypt/decrypt pad. So my original post was asking if there would be any way to read this pad from an AVR chip if the chip got in the wrong hands. My only alternative is to do what they did in the movies - after decrypting the message, you must swallow the ATTiny85. That might hurt going down, unless you used a surface mount one.
There are also "ways" to unset the lockbits so you can read the contents of the flash again - There are specialist companies that offer firmware extraction services. I think they mostly use non-destructive methods in order to glitch the chip into thinking the lockbits aren't set (out-of-spec voltages, sudden changes in voltage (supply glitches), intentionally creating glitches in the clock signal, etc)
Reading a memory chip is simple if you have the right equipment.
You first remove the top, or decapsulate it with a mechanical slicer. Then when the chip is exposed you use a scanning electron microscope to read the charge on the cells of the flash memory.
No acid is involved at all.
Grumpy_Mike:
Reading a memory chip is simple if you have the right equipment.
You first remove the top, or decapsulate it with a mechanical slicer. Then when the chip is exposed you use a scanning electron microscope to read the charge on the cells of the flash memory.
No acid is involved at all.
Wouldn't the beam mess up the electrons/holes that comprise the charges?
Cipher decryption looks for patterns, and exploits them. A truly random one time pad has no pattern, and cannot be exploited.
With an epoxy encapsulated chip, "removing the top" usually involves nitric acid. In a non-cavity package, it is hard to get a "mechanical slicer" close enough to get to the chip without slicing bondwires.
@Grumpy_Mike is correct about removing the cover. It is possible (and quickly becoming less expensive) to mechanically shave off the plastic package exposing the chip. However, the attack I read about involved using an electron scanning microscope to place "micro probes" so memory could be directly accessed.
I have seen accounts of manufacturers placing sold metal plates over memory in the misguided belief that will protect access. It does not.
Consider this... the processor is able to read Flash. If tiny wires can be placed on the same bus used by the processor then Flash can be accessed just like the processor.
You would really use the one time pad as a key for another encryption system. While that encryption might be broken, it means the attacker only gets that one message and no more.
The problem with the Enigma was that the one time list of machine settings used one setting for a whole day. The Enigma encryption itself had defects which allowed Bletchly Park to find the day settings and thereby unlock a whole day worth of messages.
Well, it's harder to prove that something is impossible, than that it is possible. After all, the latter takes only one example. Maybe it's time for a "Mission Impossible" chip. On the surface of the chip, would be two thin layers that result in a thermal explosion if combined, separated only by a thin polymer layer. Some arrangement would be necessary to prevent removal of only one layer. Any tampering would set it off.
