Hello
I'm working on a project which uses a K60 with MQX 4.2.0.
The board will have an Ethernet connection to a laptop running home-made software to control the board.
I need to implement a hardware license. Let me explain my need:
The board must be activated with a key (provided by a seller). The key must contain time delay information (i.e., must run until 3 April 2015).
The board will be equipped with the RTC.
But I have to protect myself against all attempts to circumvent the license: changing the current date, removing the RTC battery to reset the date, etc.
The board date will be set only by laptop software which will be placed in an "administrator mode"
Do you have an example that is anywhere close to what I want?
Thanks
Take a look at http://www.codeproject.com and search for 'License'. The link below is in .NET, it has one of the better descriptions and the code could be transliterated to C:
Licensing systems in .NET - CodeProject
The security Gurus that hang out at places like Schneier on Security will tell you that what you are after is not possible.
Given enough time and resources anything can be broken. It becomes the question: Does the asset have the value to make it worth the time? Does the asset have value after the passage of time?
Take a look at some of the AppNotes and maybe you could use this as the hardware key being sold?:
http://www.ftdichip.com/Support/Documents/DataSheets/Modules/DS_USBKey.pdf
Securing a laptop is rather meaningless if the asset itself has Ethernet port. Just plug it into a different laptop.
Google 'sans embedded' for example: SANS Institute Embedded Assessment.
Use some type of Zero-Knowledge Proof handshake to allow setting of the RTC.
Understanding Zero-Knowledge Proofs - Schneier on Security
Is the RTC prone to environmental attacks? Does putting it in the oven or freezer make it run slower/faster?
Hi Arnaud,
I think that perhaps HTTP authentication is what you can use to ensure that no one gets into your HTTP server. You can also use other tricks, like changing the port it is served on: instead of the typical port 80 you can use 1030. In addition, you can store the correct expiration date in flash, so it doesn't matter if the battery is removed; you can still know when it expires. You can also store the current time in flash. That way, the next time the battery is put back, you know the latest time.
The example that we have that includes HTTP authentication is in C:\Freescale\Freescale_MQX_4_2\rtcs\examples\httpsrv
I hope this helps you.
Have a great day,
Garabo
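The flash-backed date check suggested in the reply above, as an added example that is not part of the original thread or of the MQX sources. The record layout, the function names and the hourly checkpoint interval are assumptions; reading the RTC, writing the record to flash and authenticating the administrator are left to the caller.

```c
#include <stdbool.h>
#include <stdint.h>

/* Hypothetical record kept in on-chip flash; times are seconds since epoch. */
typedef struct {
    uint32_t expiry;    /* license end taken from the activation key */
    uint32_t last_seen; /* newest RTC value ever checkpointed */
    bool     tampered;  /* latched once the RTC is seen running backwards */
} license_rec_t;

typedef enum { LIC_VALID, LIC_EXPIRED, LIC_CLOCK_TAMPER } lic_status_t;

/* Assumed interval: checkpoint at most hourly to limit flash wear. A rollback
 * smaller than this window cannot be detected. */
#define CHECKPOINT_SECS 3600u

/* Call at boot and periodically with the current RTC reading.
 * *dirty is set when the caller must write rec back to flash. */
lic_status_t license_check(license_rec_t *rec, uint32_t rtc_now, bool *dirty)
{
    *dirty = false;
    if (rtc_now < rec->last_seen) {
        /* Battery pulled (RTC reset) or date set backwards: latch the event. */
        if (!rec->tampered) {
            rec->tampered = true;
            *dirty = true;
        }
    } else if (rtc_now - rec->last_seen >= CHECKPOINT_SECS) {
        rec->last_seen = rtc_now; /* time moved forward: new checkpoint */
        *dirty = true;
    }
    if (rec->tampered)
        return LIC_CLOCK_TAMPER;
    return (rtc_now >= rec->expiry) ? LIC_EXPIRED : LIC_VALID;
}

/* Administrator-mode date set: the only path that clears the tamper latch.
 * The caller sets the RTC to new_time and writes rec back to flash. */
void license_admin_set_time(license_rec_t *rec, uint32_t new_time)
{
    rec->last_seen = new_time;
    rec->tampered = false;
}
```

Because the latch is stored in flash, a board whose clock was rolled back stays locked across power cycles until the date is set again in administrator mode.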