diff options
Diffstat (limited to 'raw-wiki-dump/GitRepositories%2Fuser%2Fln5%2Ftamper')
-rw-r--r-- | raw-wiki-dump/GitRepositories%2Fuser%2Fln5%2Ftamper | 94 |
1 files changed, 94 insertions, 0 deletions
diff --git a/raw-wiki-dump/GitRepositories%2Fuser%2Fln5%2Ftamper b/raw-wiki-dump/GitRepositories%2Fuser%2Fln5%2Ftamper new file mode 100644 index 0000000..1e885b1 --- /dev/null +++ b/raw-wiki-dump/GitRepositories%2Fuser%2Fln5%2Ftamper @@ -0,0 +1,94 @@ +{{{ +#!htmlcomment + +This page is maintained automatically by a script. Don't modify this page by hand, +your changes will just be overwritten the next time the script runs. Talk to your +Friendly Neighborhood Repository Maintainer if you need to change something here. + +}}} + +{{{ +#!html +<h1>Cryptech tamper detection</h1> + +<p>This is software for the Atmel AVR ATtiny828 MCU on the Cryptech alpha +board, rev02, implementing tamper detection and master key erasure.</p> + +<h2>Overview</h2> + +<pre><code> ************* + * P A N I C * + * button * + ************* + / + / + / +AVR ---- SPI mux ---- FPGA + | | + | ARM + MKM + +AVR -- Atmel MCU +FPGA -- FPGA +MKM -- Master Key Memory, 23K640 SRAM +SPI mux -- 2 x MC74AC244DW +ARM -- ARM CPU +</code></pre> + +<p>The MKM holds the master key for the device.</p> + +<p>The AVR, MKM and the mux are all battery powered.</p> + +<p>The AVR and the FPGA are both sharing access to the MKM through the +mux, with the AVR connected to the pins used for deciding who's in +control of the memory. If the AVR doesn't actively grab control of the +MKM, the FPGA is in control.</p> + +<p>When the panic button is pressed, the AVR takes control over the MKM +and writes zeros to it as quickly as possible. In idle mode, i.e. when +the panic button is not pressed, the AVR tries to consume as little +power as possible.</p> + +<h2>Building the software</h2> + +<p>To build a .hex file suitible for uploading to a board with a +ATTiny828, a C compiler for AVR is needed, as wells a objcopy. On a +Debian system, the following command can be used for installing both:</p> + +<pre><code>apt-get install gcc-avr binutils-avr avr-libc +</code></pre> + +<p>To build tamper.hex, type 'make' in this directory.</p> + +<p>To upload a .hex file to a board, the program avrdude can be used. On +a Debian system, the following command can be used for installing +avrdude:</p> + +<pre><code>apt-get install avrdude +</code></pre> + +<p>If configuration for ATtiny828 is missing, the file attiny828.conf in +this directory could be appended to avrdude.conf:</p> + +<pre><code>cat attiny828.conf >> /etc/avrdude.conf +</code></pre> + +<p>Often, a piece of hardware called "SPI programmer" is needed in order +to upload the .hex file to the target system. The one I've been using +has "sparkfun.com" printed on it. This small board has a mini-USB port +to connect to a host system and a header with SPI pins to connect to a +board with an AVR on it.</p> + +<p>To upload a .hex file to a board, use the upload.sh shell script in +this directory with the name of the file as the only argument:</p> + +<pre><code>./upload.sh tamper.hex +</code></pre> + +<p>Depending on permissions on your host system you might want to run the +upload script as root.</p> +}}} + +[[RepositoryIndex(format=table,glob=user/ln5/tamper)]] + +|| Clone `https://git.cryptech.is/user/ln5/tamper.git` || |