From 13d0f55865f8b1b851ce1e84597b144c5fd41662 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Sun, 13 Sep 2020 23:15:43 +0000 Subject: GC --- .../GitRepositories%2Fuser%2Fjakob%2Ftamper.trac | 127 --------------------- 1 file changed, 127 deletions(-) delete mode 100644 raw-wiki-dump/GitRepositories%2Fuser%2Fjakob%2Ftamper.trac (limited to 'raw-wiki-dump/GitRepositories%2Fuser%2Fjakob%2Ftamper.trac') diff --git a/raw-wiki-dump/GitRepositories%2Fuser%2Fjakob%2Ftamper.trac b/raw-wiki-dump/GitRepositories%2Fuser%2Fjakob%2Ftamper.trac deleted file mode 100644 index 3763df2..0000000 --- a/raw-wiki-dump/GitRepositories%2Fuser%2Fjakob%2Ftamper.trac +++ /dev/null @@ -1,127 +0,0 @@ -{{{ -#!htmlcomment - -This page is maintained automatically by a script. Don't modify this page by hand, -your changes will just be overwritten the next time the script runs. Talk to your -Friendly Neighborhood Repository Maintainer if you need to change something here. - -}}} - -{{{ -#!html -

Cryptech tamper detection

- -

This is software for the Atmel AVR ATtiny828 MCU on the Cryptech alpha -board, rev02, implementing tamper detection and master key erasure.

- -

Overview

- -
   *************
-   * P A N I C *
-   *   button  *
-   *************
-    /
-   /
-  /
-AVR ---- SPI mux ---- FPGA
-            |          |
-            |         ARM
-           MKM
-
-AVR -- Atmel MCU
-FPGA -- FPGA
-MKM -- Master Key Memory, 23K640 SRAM
-SPI mux -- 2 x MC74AC244DW
-ARM -- ARM CPU
-
- -

The MKM holds the master key for the device.

- -

The AVR, MKM and the mux are all battery powered.

- -

The AVR and the FPGA are both sharing access to the MKM through the -mux, with the AVR connected to the pins used for deciding who's in -control of the memory. If the AVR doesn't actively grab control of the -MKM, the FPGA is in control.

- -

When the panic button is pressed, the AVR takes control over the MKM -and writes zeros to it as quickly as possible. In idle mode, i.e. when -the panic button is not pressed, the AVR tries to consume as little -power as possible.

- -

Building the software

- -

To build a .hex file suitible for uploading to a board with a -ATTiny828, a C compiler for AVR is needed, as wells a objcopy. On a -Debian system, the following command can be used for installing both:

- -
apt-get install gcc-avr binutils-avr avr-libc
-
- -

To build tamper.hex, type 'make' in this directory.

- -

To upload a .hex file to a board, the program avrdude can be used. On -a Debian system, the following command can be used for installing -avrdude:

- -
apt-get install avrdude
-
- -

If configuration for ATtiny828 is missing, the file attiny828.conf in -this directory could be appended to avrdude.conf:

- -
cat attiny828.conf >> /etc/avrdude.conf
-
- -

Often, a piece of hardware called "SPI programmer" is needed in order -to upload the .hex file to the target system. The one I've been using -has "sparkfun.com" printed on it. This small board has a mini-USB port -to connect to a host system and a header with SPI pins to connect to a -board with an AVR on it.

- -

To upload a .hex file to a board, use the upload.sh shell script in -this directory with the name of the file as the only argument:

- -
./upload.sh tamper.hex
-
- -

Depending on permissions on your host system you might want to run the -upload script as root.

- -

GPIO on Cryptech HSM rev.03

- -

The GPIO ports are located on JP5 (AVR_GPIO). From left to right, as seen when the marking is above the connector, the ports are:

- -
    -
  1. 3V3
    2. -
  2. PORTC0
    3. -
  3. PORTC1
    4. -
  4. PORTC2
    5. -
  5. PORTC3
    6. -
  6. PORTC4
    7. -
  7. PORTC5
    8. -
  8. PORTC6
    9. -
  9. PORTC7 -
      -
    1. GND
      2. -
    10. -
- -

Dependencies

- -

Debian

- - - -

Fedora

- - -}}} - -[[RepositoryIndex(format=table,glob=user/jakob/tamper)]] - -|| Clone `https://git.cryptech.is/user/jakob/tamper.git` || -- cgit v1.2.3