topic Re: Any known problems w. Code Read Protection for LPC1769 in LPC Microcontrollers

Any known problems w. Code Read Protection for LPC1769

stenlarsson — Sun, 10 Sep 2017 10:30:45 GMT

Here it demonstrated how code read protection (CRP) is bypassed on the "LPC family"
https://www.youtube.com/watch?v=98eqp4WmHoQ

Are ISP implementations different between different family members?

I am using LPC1769, are there any known CRP problems known for this device?

Is there any way I can make the power analysis (etc.) more difficult?

Thanks!

Re: Any known problems w. Code Read Protection for LPC1769

hparracho — Wed, 20 Sep 2017 10:30:12 GMT

The bypass method demonstrated in the video is known for a very long time.

Still, I find the simplicity of how it can be done and systematically repeated quite worrying.

The lack of response and action from NXP is nothing but disturbing too, to be honest!

Re: Any known problems w. Code Read Protection for LPC1769

albertocapuzzo — Tue, 05 Dec 2017 22:46:56 GMT

It is really annoying that hackers spend so much time trying to compromise our embedded applications. Similar to LPC, I found that STM32 family was recently hacked with a very similar method (https://www.aisec.fraunhofer.de/en/FirmwareProtection.html).

Not to mention there’s a university team in Cambridge who has shared their experiences hacking lots of MCUs online (http://www.cl.cam.ac.uk/~sps32/NCL_2011.pdf).

I understand there’s a big difference between general purpose MCUs and tamper resistant MCUs for secure payments and transactions, but it’s still very frustrating. As a developer, I seriously hope NXP and other manufacturers work to make their entry level micros more resistant to these hacking threats.

Re: Any known problems w. Code Read Protection for LPC1769

ckphua — Thu, 07 Dec 2017 22:00:01 GMT

Apologies for the late response.

The LPC team is working on newer microcontrollers that are more resistant to such attack.