Re: [coreboot] How to protect binary in flash chip? OTP?

2016-05-06 Thread Carl-Daniel Hailfinger 
On 06.05.2016 09:49, Patrick Rudolph wrote:
> On 2016-05-06 02:45 AM, Zheng Bao wrote:
>> Is there any way to protect the binary image in flash chip from being
>> copied? Once the customers
>> gets the image, they can produce millions of board and do not tell me.
>> I just want to know the
>> amount of the mass production.
>> [...]
> 
> As you want to execute code from it, it needs to be readable.
> Protecting it from software doesn't make much sense as you could just
> de-solder the flash chip.
> 
> I guess what you want to know is: Should a copied image boot on another
> board ?
> 
> I've got two solutions:
> 1.
> You could encrypt the binary and store the secret in a TPM.
> That way every board would have the same encryption key.
> No idea if this is possible on your platform and how much work it would
> be to implement in coreboot.
> That'd be a good GSoC project :-)
> 
> 2.
> If you don't have a TPM you could use serial numbers of
> CPU/Southbridge/SoC.
> That way every board would have it's own encryption key.
> But I guess the decryption code could easily be reversed engineered.

I wouldn't go with encryption, but rather with some check which refuses
to boot if serial number (SoC, MAC address, ...) and a hash of it (in
OTP) mismatch. That way even reflashing the board won't erase the hash
by accident, and you can just give the manufacturer as many OTP images
as needed. They just need to supply the serial numbers to you in advance.


> An end user would be able to do a backup and would be able to reflash
> the bios *on the same board*.

Yes, ability to reflash is important.

Regards,
Carl-Daniel

-- 
coreboot mailing list: coreboot@coreboot.org
https://www.coreboot.org/mailman/listinfo/coreboot

Re: [coreboot] How to protect binary in flash chip? OTP?

2016-05-06 Thread Zaolin 
Hi Zheng,

it is really hard to do that. I guess you'll need to have platform support
for such a feature. Maybe you could ask Christopher Tarnovsky
about such technologies (chris.tarnov...@ioactive.com). He is a
kind guy and an expert when it comes to security chips/technologies
on the hardware level :) .

Best Regards
Zheng

On 05/06/2016 02:45 AM, Zheng Bao wrote:
> Hi, All,
> Is there any way to protect the binary image in flash chip from being copied? 
> Once the customers
> gets the image, they can produce millions of board and do not tell me. I just 
> want to know the
> amount of the mass production.
>
> OTP seems to be a way, but it is not 100%. The data in OTP is readable and 
> can be copied to a new chip's
> OTP erea.
>
> Do you guys have any more suggestion?
>
> Zheng
>
> 



0xD81427AB.asc
Description: application/pgp-keys


signature.asc
Description: OpenPGP digital signature
-- 
coreboot mailing list: coreboot@coreboot.org
https://www.coreboot.org/mailman/listinfo/coreboot

Re: [coreboot] How to protect binary in flash chip? OTP?

2016-05-06 Thread Patrick Rudolph 
On 2016-05-06 02:45 AM, Zheng Bao wrote:
> Hi, All,
> Is there any way to protect the binary image in flash chip from being
> copied? Once the customers
> gets the image, they can produce millions of board and do not tell me.
> I just want to know the
> amount of the mass production.
> 
> OTP seems to be a way, but it is not 100%. The data in OTP is readable
> and can be copied to a new chip's
> OTP erea.
> 
> Do you guys have any more suggestion?
> 
> Zheng

As you want to execute code from it, it needs to be readable.
Protecting it from software doesn't make much sense as you could just
de-solder the flash chip.

I guess what you want to know is: Should a copied image boot on another
board ?

I've got two solutions:
1.
You could encrypt the binary and store the secret in a TPM.
That way every board would have the same encryption key.
No idea if this is possible on your platform and how much work it would
be to implement in coreboot.
That'd be a good GSoC project :-)

2.
If you don't have a TPM you could use serial numbers of
CPU/Southbridge/SoC.
That way every board would have it's own encryption key.
But I guess the decryption code could easily be reversed engineered.

An end user would be able to do a backup and would be able to reflash
the bios *on the same board*.

Regards,
Patrick

-- 
coreboot mailing list: coreboot@coreboot.org
https://www.coreboot.org/mailman/listinfo/coreboot

Re: [coreboot] How to protect binary in flash chip? OTP?

2016-05-06 Thread David Hendricks 
On Thu, May 5, 2016 at 8:39 PM, Zheng Bao  wrote:

> I don't protect my source. I gave the source to customers. I just want to
> protect binary.
> Customer doesnt know how to build.
>
> In a business, customer dont tell the correct production amount as what is
> wrote in the contract.


I think Patrick is correct when he mentioned that the only way to get the
information is with remote attestation. But that can become complicated and
if the customer is determined they may break the scheme.

Can you describe the business model in more detail? It appears that you
have a royalty-based agreement with the customer, but the customer is being
dishonest. Maybe others have a better idea of what kind of business
arrangements can work better in the future - Upfront payment for porting,
time-based support contract, etc.
-- 
coreboot mailing list: coreboot@coreboot.org
https://www.coreboot.org/mailman/listinfo/coreboot

Re: [coreboot] How to protect binary in flash chip? OTP?

2016-05-06 Thread Patrick Georgi via coreboot 
2016-05-06 6:49 GMT+02:00 Persmule :
> DRM methods cannot "protect" anything. They can only do harm to end users.
That's an interesting statement for a political outreach discussion
group (although the relevant activist groups probably beat that
particular horse to death several times over.)
Please note that coreboot@ isn't that kind of place.

To go back to the original question, any such approach fails here (at
least on somewhat regular x86/arm designs on the market):
> The data in OTP is readable

Since the CPU needs to read the flash at some point, you can't avoid
it to read it (without breaking the legitimate use case). Sounds
circular - because it is.
The only scheme that could allow you to figure out sales numbers would
be some remote attestation scheme - but they'd need to be interested
in using it in the first place (plus, there's the assumption that the
device is networked).


Regards,
Patrick

-- 
coreboot mailing list: coreboot@coreboot.org
https://www.coreboot.org/mailman/listinfo/coreboot

Re: [coreboot] How to protect binary in flash chip? OTP?

2016-05-05 Thread Persmule 
DRM methods cannot "protect" anything. They can only do harm to end users.

For example, I believe end users have the right to back up the content of the 
flash chip, in order to reflash it back once the content of the flash gets 
broken, just as we do when developing coreboot, which will become impossible if 
copy protection is applied.

As you have said, the problem seems only lying between you and some hardware 
vendors. I suggest you not let it harm end users of your code.

Please forgive my arrogence, but please, do not harm end users.

On Fri May   6 12:17:51 2016 Persmule <persm...@gmail.com> wrote:
> Sorry for my rudeness, but I do not believe copy protection, or any form
> of immoral Digital Restriction Management is able to be a solution to
> count products.
>
> On Fri May    6 11:39:54 2016 Zheng Bao <fishb...@hotmail.com> wrote:
> > I don't protect my source. I gave the source to customers. I just want
> > to protect binary. Customer doesnt know how to build.
> >
> > In a business, customer dont tell the correct production amount as what
> > is wrote in the contract.    It is not my fault.
> >
> >
> >
> > 
> > > From: persm...@gmail.com
> > > To: fishb...@hotmail.com; coreboot@coreboot.org
> > > Subject: Re: [coreboot] How to protect binary in flash chip? OTP?
> > > Date: Fri, 6 May 2016 10:41:44 +0800
> > >
> > >
> > > Don't you feel ashamed to ask coreboot, a free firmware project, for
> > >       copy protection techiques?
> > >
> > > On Fri May    6 08:45:51 2016 Zheng Bao    
> > > <fishb...@hotmail.com<mailto:fishb...@hotmail.com>> wrote:
> > > > Hi, All,
> > > > Is there any way to protect the binary image in flash chip from
> > > > being    copied? Once the customers gets the image, they can produce
> > > > millions of    board and do not tell me. I just want to know the
> > > > amount of the mass    production.
> > > >
> > > > OTP seems to be a way, but it is not 100%. The data in OTP is
> > > > readable    and can be copied to a new chip's OTP erea.
> > > >
> > > > Do you guys have any more suggestion?
> > > >
> > > > Zheng
> > > >
> > > >
> > > > --
> > > > coreboot mailing list:
> > > > coreboot@coreboot.org<mailto:coreboot@coreboot.org>
> > > > https://www.coreboot.org/mailman/listinfo/coreboot
> > >
> >                                 
>

-- 
coreboot mailing list: coreboot@coreboot.org
https://www.coreboot.org/mailman/listinfo/coreboot

Re: [coreboot] How to protect binary in flash chip? OTP?

2016-05-05 Thread Persmule 
Sorry for my rudeness, but I do not believe copy protection, or any form of 
immoral Digital Restriction Management is able to be a solution to count 
products. 

On Fri May   6 11:39:54 2016 Zheng Bao <fishb...@hotmail.com> wrote:
> I don't protect my source. I gave the source to customers. I just want
> to protect binary. Customer doesnt know how to build.
> 
> In a business, customer dont tell the correct production amount as what
> is wrote in the contract.   It is not my fault.
> 
> 
> 
> 
> > From: persm...@gmail.com 
> > To: fishb...@hotmail.com; coreboot@coreboot.org 
> > Subject: Re: [coreboot] How to protect binary in flash chip? OTP? 
> > Date: Fri, 6 May 2016 10:41:44 +0800 
> > 
> > 
> > Don't you feel ashamed to ask coreboot, a free firmware project, for   
> > copy protection techiques? 
> > 
> > On Fri May   6 08:45:51 2016 Zheng Bao   
> > <fishb...@hotmail.com<mailto:fishb...@hotmail.com>> wrote: 
> > > Hi, All, 
> > > Is there any way to protect the binary image in flash chip from
> > > being   copied? Once the customers gets the image, they can produce
> > > millions of   board and do not tell me. I just want to know the
> > > amount of the mass   production. 
> > > 
> > > OTP seems to be a way, but it is not 100%. The data in OTP is
> > > readable   and can be copied to a new chip's OTP erea. 
> > > 
> > > Do you guys have any more suggestion? 
> > > 
> > > Zheng 
> > > 
> > > 
> > > -- 
> > > coreboot mailing list:
> > > coreboot@coreboot.org<mailto:coreboot@coreboot.org> 
> > > https://www.coreboot.org/mailman/listinfo/coreboot 
> > 
>                                

-- 
coreboot mailing list: coreboot@coreboot.org
https://www.coreboot.org/mailman/listinfo/coreboot

Re: [coreboot] How to protect binary in flash chip? OTP?

2016-05-05 Thread ron minnich 
On Thu, May 5, 2016 at 7:54 PM Persmule  wrote:

> Don't you feel ashamed to ask coreboot, a free firmware project, for copy
> protection techiques?
>
>
>
>
Zheng Bao has nothing to be ashamed of, he made at least 187 commits to
coreboot from 2008 to 2015 -- and they were not simple ones by any means.

Your comment is unfair.

ron
-- 
coreboot mailing list: coreboot@coreboot.org
https://www.coreboot.org/mailman/listinfo/coreboot

Re: [coreboot] How to protect binary in flash chip? OTP?

2016-05-05 Thread Zheng Bao 
I don't protect my source. I gave the source to customers. I just want to 
protect binary.
Customer doesnt know how to build.

In a business, customer dont tell the correct production amount as what is 
wrote in the contract. 
It is not my fault.




> From: persm...@gmail.com 
> To: fishb...@hotmail.com; coreboot@coreboot.org 
> Subject: Re: [coreboot] How to protect binary in flash chip? OTP? 
> Date: Fri, 6 May 2016 10:41:44 +0800 
>  
>  
> Don't you feel ashamed to ask coreboot, a free firmware project, for  
> copy protection techiques? 
>  
> On Fri May  6 08:45:51 2016 Zheng Bao  
> <fishb...@hotmail.com<mailto:fishb...@hotmail.com>> wrote: 
> > Hi, All, 
> > Is there any way to protect the binary image in flash chip from being 
> > copied? Once the customers gets the image, they can produce millions of 
> > board and do not tell me. I just want to know the amount of the mass 
> > production. 
> > 
> > OTP seems to be a way, but it is not 100%. The data in OTP is readable 
> > and can be copied to a new chip's OTP erea. 
> > 
> > Do you guys have any more suggestion? 
> > 
> > Zheng 
> > 
> > 
> > -- 
> > coreboot mailing list: coreboot@coreboot.org<mailto:coreboot@coreboot.org> 
> > https://www.coreboot.org/mailman/listinfo/coreboot 
>  
  
-- 
coreboot mailing list: coreboot@coreboot.org
https://www.coreboot.org/mailman/listinfo/coreboot

Re: [coreboot] How to protect binary in flash chip? OTP?

2016-05-05 Thread Persmule 
Don't you feel ashamed to ask coreboot, a free firmware project,  for copy 
protection techiques?

On Fri May   6 08:45:51 2016 Zheng Bao  wrote:
> Hi, All,
> Is there any way to protect the binary image in flash chip from being
> copied? Once the customers gets the image, they can produce millions of
> board and do not tell me. I just want to know the amount of the mass
> production.
> 
> OTP seems to be a way, but it is not 100%. The data in OTP is readable
> and can be copied to a new chip's OTP erea.
> 
> Do you guys have any more suggestion?
> 
> Zheng
> 
>                                
> -- 
> coreboot mailing list: coreboot@coreboot.org
> https://www.coreboot.org/mailman/listinfo/coreboot

-- 
coreboot mailing list: coreboot@coreboot.org
https://www.coreboot.org/mailman/listinfo/coreboot