Here it demonstrated how code read protection (CRP) is bypassed on the "LPC family"
https://www.youtube.com/watch?v=98eqp4WmHoQ
Are ISP implementations different between different family members?
I am using LPC1769, are there any known CRP problems known for this device?
Is there any way I can make the power analysis (etc.) more difficult?
Thanks!
Apologies for the late response.
The LPC team is working on newer microcontrollers that are more resistant to such attack.
It is really annoying that hackers spend so much time trying to compromise our embedded applications. Similar to LPC, I found that STM32 family was recently hacked with a very similar method (https://www.aisec.fraunhofer.de/en/FirmwareProtection.html).
Not to mention there’s a university team in Cambridge who has shared their experiences hacking lots of MCUs online (http://www.cl.cam.ac.uk/~sps32/NCL_2011.pdf).
I understand there’s a big difference between general purpose MCUs and tamper resistant MCUs for secure payments and transactions, but it’s still very frustrating. As a developer, I seriously hope NXP and other manufacturers work to make their entry level micros more resistant to these hacking threats.
The bypass method demonstrated in the video is known for a very long time.
Still, I find the simplicity of how it can be done and systematically repeated quite worrying.
The lack of response and action from NXP is nothing but disturbing too, to be honest!