Protected Memory
Detailed Description
The microcontroller used in Turbo has no memory management unit, i.e. any application can access the memory (RAM, EEPROM or PROGMEM) of any other application.
To overcome this security weakness the Turbo kernel provides Protected Memory. Protected memory is one page in the PROGMEM loader section of the MCU, locked with the hardware lock bits the MCU provides. This 256-byte page is divided into 15 blocks of 16 bytes each. Access to a block is controlled by the kernel, which checks that the application has the right to perform the desired operation:
- READ - read the block
- ENCRYPT - use the block as the Twofish 128-bit key to encrypt input
- DECRYPT - use the block as the Twofish 128-bit key to decrypt input
Each block has PROT_MEM_READ, PROT_MEM_ENCRYPT and PROT_MEM_DECRYPT access permissions, which are set when the block is created by prot_mem_make_block().
- Possible attack
- The Turbo kernel checks whether the application trying to access a protected block is the owner of the block (the application that created it). Should an attacker find out how and where the current application identifier is stored, he could fake it and pretend to be the owner. Even then he would be able to perform only the operation(s) that are permitted for that block.
- So how to create a secure application?
- Use encryption. The main problem with encryption is how to store the initial (first, root) key securely (in the case of symmetric keys).
Scenario - you want to store incoming data (SMS, measured results) immediately and securely on the SIM or memory card, and you simply cannot ask the user for the secret key (he is not available, the device was reset, etc.). So the secret has to be stored somewhere, but not in EEPROM, PROGMEM or on the memory card.
The solution is to store the secret key in a protected memory block with the PROT_MEM_ENCRYPT permission only. This is as secure as the hardware permits: the block lives in the locked area and cannot be read - it can be used only for encryption.
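As an added illustration (not the Turbo kernel's code), the following C model shows the access gate the text describes: every block records the creating application and its PROT_MEM_* bits, and each operation is refused unless the caller owns the block and the matching bit is set. The PROT_MEM_* bit values, the model_* names and the XOR stand-in for Twofish-128 are assumptions; model_scenario() walks through the ENCRYPT-only root-key case from the scenario above.

```c
#include <stdint.h>
#include <string.h>
typedef uint8_t u8;
/* Permission names are the Turbo API's; their bit values are assumed for this model. */
#define PROT_MEM_READ    0x01
#define PROT_MEM_ENCRYPT 0x02
#define PROT_MEM_DECRYPT 0x04
#define NUM_BLOCKS 15       /* one 256-byte page: 15 blocks of 16 bytes */
#define BLOCK_LEN  16
typedef struct { u8 in_use, attr, owner; u8 key[BLOCK_LEN]; } pm_block;
static pm_block page[NUM_BLOCKS];
static u8 current_app = 1;  /* stands in for the kernel's record of the running application */
/* Create a block owned by the current application; returns its id (1..15), or 0 when the page is full. */
u8 model_make_block(u8 attr, const u8 block[BLOCK_LEN]) {
    u8 i = 0;
    while (i < NUM_BLOCKS && page[i].in_use) i++;
    if (i == NUM_BLOCKS) return 0;
    page[i].in_use = 1; page[i].attr = attr; page[i].owner = current_app;
    memcpy(page[i].key, block, BLOCK_LEN);
    return (u8)(i + 1);
}
/* The gate every operation passes: block exists, the caller created it, and the operation bit is set. */
static int model_allowed(u8 id, u8 op) {
    if (id == 0 || id > NUM_BLOCKS || !page[id - 1].in_use) return 0;
    return page[id - 1].owner == current_app && (page[id - 1].attr & op) != 0;
}
static u8 model_crypt(u8 id, u8 op, const u8 in[BLOCK_LEN], u8 out[BLOCK_LEN]) { /* shared encrypt/decrypt body */
    if (!model_allowed(id, op)) return 0;
    for (int i = 0; i < BLOCK_LEN; i++) out[i] = in[i] ^ page[id - 1].key[i];  /* XOR stands in for Twofish-128 */
    return 1;
}
/* Each returns 1 on success and 0 where the kernel would refuse the request. */
u8 model_read(u8 id, u8 out[BLOCK_LEN]) {
    if (!model_allowed(id, PROT_MEM_READ)) return 0;
    memcpy(out, page[id - 1].key, BLOCK_LEN); return 1;
}
u8 model_encrypt(u8 id, const u8 in[BLOCK_LEN], u8 out[BLOCK_LEN]) { return model_crypt(id, PROT_MEM_ENCRYPT, in, out); }
u8 model_decrypt(u8 id, const u8 in[BLOCK_LEN], u8 out[BLOCK_LEN]) { return model_crypt(id, PROT_MEM_DECRYPT, in, out); }
/* The page's scenario: a root key kept ENCRYPT-only. Returns a bitmask of the four expected outcomes. */
unsigned model_scenario(void) {
    u8 key[BLOCK_LEN] = "constructed-key!";  /* constructed sample root key (16 bytes) */
    u8 rec[BLOCK_LEN] = "incoming SMS #01";  /* constructed sample record (16 bytes) */
    u8 ct[BLOCK_LEN], tmp[BLOCK_LEN], id; unsigned r = 0;
    current_app = 1; id = model_make_block(PROT_MEM_ENCRYPT, key);
    if (model_encrypt(id, rec, ct))   r |= 1;  /* owner may encrypt */
    if (!model_read(id, tmp))         r |= 2;  /* key never leaves the locked page */
    if (!model_decrypt(id, ct, tmp))  r |= 4;  /* no DECRYPT bit: refused even for the owner */
    current_app = 2; if (!model_encrypt(id, rec, tmp)) r |= 8;  /* another application: refused */
    return r;  /* 15 when every check behaves as the page describes */
}
```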
Define Documentation
PROT_MEM_DECRYPT - Indicate decrypt operation permission - block can be used for decryption.
PROT_MEM_ENCRYPT - Indicate encrypt operation permission - block can be used for encryption.
PROT_MEM_READ - Indicate read operation permission - block can be read.
Function Documentation
u8 prot_mem_decrypt (u8 id, u8 in[16], u8 out[16])
u8 prot_mem_delete (u8 id)
u8 prot_mem_encrypt (u8 id, u8 in[16], u8 out[16])
b8 prot_mem_make_block (u8 attr, u8 block[16])
u8 prot_mem_read (u8 id, u8 out[16])
Copyright © 2004-2006 BLADOX. Turbo version 1.2