I am planning to develop a commercial project where I will receive information from a module (GPS for example).
Is there any way to verify if these data come from the module that I sold and not from another one modified / altered by the client?
I was thinking of something like writing a token in its EEPROM memory and checking it when Espruino starts, but I do not know if this is possible.
Maybe you can help me!
Thank you in advance.
One question is about the GPS module: How much dominion do you have over this module?
If the module has a rolling encryption / (private) key generator in it and you can set up the key-pair, you can detect whether the data comes from the module you provided vs. a plagiarized one.
There are pretty small - I2C EEPROM protocol compatible - ICs available that may help you with this. It then boils down to the cost: whether this is still a business... or becomes a useless charity.
Some obfuscation combined with collateral information may be economically more viable and may still be 'secure' enough.
So you'd like to verify the identity of the GPS module itself? Or of Espruino?
If it's Espruino itself then you can actually check getSerial() - which is a laser-etched unique per-chip serial number. If you really want to lock things down you could use that number to decrypt your source code at boot time - so it'd be quite difficult to reverse engineer.
For the GPS I guess it depends if you have any control over the GPS module itself. If it's an off-the-shelf module then you'll be quite limited - you might be able to find a manufacturer-specific command that returns a unique ID for the module though (or EEPROM as you say) - but anyone snooping on the connection could then figure out what was in the EEPROM and write the same thing to their module.
If you have your own microprocessor on the module then you've got a bit more control. You could for instance send some random text to the module, have the module encrypt that text somehow with its own key, and then compare that returned code on the host. It's quite a lot of effort to go to though!
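The challenge-response check described in the post above, as an added example that is not part of the original thread. It assumes HMAC-SHA256 as the keyed function (the post only says "encrypt that text somehow"), a 32-byte key provisioned into both sides at manufacture, and Node.js's `crypto` module so it runs on a desktop; `makeModule`, `makeHost` and `demo` are hypothetical names.

```javascript
const crypto = require('crypto');

// Module side: hypothetical firmware on the module's own microcontroller.
// The key never crosses the wire; only a MAC over the host's challenge does.
function makeModule(key) {
  return {
    respond: (challenge) =>
      crypto.createHmac('sha256', key).update(challenge).digest()
  };
}

// Host side: issues a fresh random challenge per check and verifies the answer.
function makeHost(key) {
  let pending = null;
  return {
    newChallenge() {
      pending = crypto.randomBytes(16);   // unpredictable, so old answers are useless
      return pending;
    },
    verify(response) {
      if (pending === null) return false; // no outstanding challenge
      const expected = crypto.createHmac('sha256', key).update(pending).digest();
      pending = null;                     // each challenge is single-use
      return Buffer.isBuffer(response) &&
        response.length === expected.length &&
        crypto.timingSafeEqual(response, expected); // constant-time compare
    }
  };
}

// Constructed demo: genuine module, a replayed (snooped) answer, and a clone.
function demo() {
  const key = crypto.randomBytes(32);               // constructed sample key
  const host = makeHost(key);
  const genuine = makeModule(key);
  const clone = makeModule(crypto.randomBytes(32)); // copy that lacks the real key

  const recorded = genuine.respond(host.newChallenge());
  const genuineOk = host.verify(recorded);

  host.newChallenge();
  const replayOk = host.verify(recorded);           // snooped answer, new challenge

  const cloneOk = host.verify(clone.respond(host.newChallenge()));
  return { genuineOk, replayOk, cloneOk };
}
```

Unlike a fixed EEPROM token, a recorded answer fails against the next challenge. The check proves the module holds the key; it does not by itself authenticate the NMEA sentences that follow.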
Here is the reference about the type of crypto devices I was talking about: MICROCHIP Security ICs. And I'm sure that MICROCHIP is not the only one with such offerings.
About 2 years ago I was looking into this - for message encryption. But then Espruino added https support... and my work came to a halt. I already got devices but they never consumed any power so far... :(
As @allObjects says, adding one of those ICs would be perfect. It's far more secure than using an EEPROM since you can't just copy its contents.
Another (cheap) option is to add a OneWire device - those have 64-bit unique IDs that are set at the factory. The only way to duplicate them would be to make your own fake OneWire device with a microcontroller, which I doubt anyone copying your device would be willing to do.
Many thanks, friends!
Most of these concepts are new to me, so I'll invest a little and when I can create a solution I'll pick it up!
The subject is that the GPS module is standard, I do not have so much control over it.
The other issue that worries me is...
Beyond the security method you choose, if I create a bridge between the GPS module and ESPRUINO, can I see / change your information? I think it's called "Snooping" (as I read above).
Thank you very much for your answer
The issue is that apart from protecting my device against physical copy, I need to rely on the information provided by the GPS. It is so that the device can be used in a stated range.
GPS modules use something called NMEA to communicate. It happens over a standard two-wire serial link. If I'm honest it would be relatively easy for someone skilled to 'fake' a GPS module and the coordinates coming from it - and even if there was an EEPROM accessible on the GPS they could fake that in software too.
Perhaps someone else has some ideas, but I'd say that it would be difficult to 100% know for sure that the coordinates coming from a GPS were genuine.
Would one idea validate the following?
Espruino sends this data to the cloud and from there:
If that latitude and longitude change, then it is an invalid token.
If the internal algorithms match, then they are correct data.
This for the moment seems a good idea.
But for that I have to trust that the encoding algorithm generates the token based on its length and latitude cannot be observed, and that leads me to my other post http://forum.espruino.com/conversations/310068/#comment13841208
Yes, that would work - however you're telling me you are planning to use an off the shelf GPS module? If so, how are you planning to get that token added?