mirror of
https://github.com/tillitis/tillitis-key1.git
synced 2024-12-25 07:29:25 -05:00
Doc: move implementation details of RAM scrambling to RAM core
This commit is contained in:
parent
de8fcb8768
commit
1941a22007
@ -75,7 +75,10 @@ The memory is cleared by firmware before an application is loaded.
|
|||||||
|
|
||||||
The application RAM is available to use by firmware and applications.
|
The application RAM is available to use by firmware and applications.
|
||||||
|
|
||||||
MC: Is the scrambling here now?
|
The RAM core also implements (from the view of the CPU) transparent
|
||||||
|
RAM address and data scrambling. This scrambling is applied to make it
|
||||||
|
harder to extract application and application data from a memory dump
|
||||||
|
directly from the memory cores.
|
||||||
|
|
||||||
## `rom`
|
## `rom`
|
||||||
|
|
||||||
@ -132,21 +135,7 @@ should make it infeasible to improve asset extraction by observing
|
|||||||
multiple memory dumps from the same TKey device. The attack should
|
multiple memory dumps from the same TKey device. The attack should
|
||||||
also not directly scale to multiple TKey devices.
|
also not directly scale to multiple TKey devices.
|
||||||
|
|
||||||
The memory protection is based on two separate mechanisms:
|
The RAM address and data scrambling is done in de RAM core.
|
||||||
|
|
||||||
1. Address randomisation
|
|
||||||
2. Address dependent data randomization
|
|
||||||
|
|
||||||
The address randomization is implemented by XORing the CPU address
|
|
||||||
with the contents of the ADDR\_RAM\_ADDR\_RAND register in the tk1
|
|
||||||
core. The result is used as the RAM address
|
|
||||||
|
|
||||||
The data randomization is implemented by XORing the data written to the
|
|
||||||
RAM with the contents of the ADDR\_RAM\_DATA\_RAND register in the tk1
|
|
||||||
core as well as XORing with the CPU address. This means that the same
|
|
||||||
data written to two different addresses will be scrambled differently.
|
|
||||||
The same pair or XOR operations is also performed on the data read out
|
|
||||||
from the RAM.
|
|
||||||
|
|
||||||
The memory protection is setup by the firmware. Access to the memory
|
The memory protection is setup by the firmware. Access to the memory
|
||||||
protection controls is disabled for applications. Before the memory
|
protection controls is disabled for applications. Before the memory
|
||||||
@ -168,11 +157,6 @@ setup the memory protection:
|
|||||||
6. Receive the application sent from the client and write it in
|
6. Receive the application sent from the client and write it in
|
||||||
sequence into RAM.
|
sequence into RAM.
|
||||||
|
|
||||||
Future TKey devices may implement a more secure ASLR mechanism, and
|
|
||||||
use real encryption (for example PRINCE) for memory content
|
|
||||||
protection. From the application point of view such a change will be
|
|
||||||
transparent.
|
|
||||||
|
|
||||||
## `touch_sense`
|
## `touch_sense`
|
||||||
|
|
||||||
Provide touch sensor events to software.
|
Provide touch sensor events to software.
|
||||||
|
@ -23,6 +23,22 @@ ram_data_rand inputs as seeds for the scrambling mechanism. When data
|
|||||||
is read out it is descrambled before sent out on the read_data output
|
is read out it is descrambled before sent out on the read_data output
|
||||||
port. The scrambling functionality does not add latency.
|
port. The scrambling functionality does not add latency.
|
||||||
|
|
||||||
|
The memory protection is based on two separate mechanisms:
|
||||||
|
|
||||||
|
1. Address randomisation
|
||||||
|
2. Address dependent data randomization
|
||||||
|
|
||||||
|
The address randomization is implemented by XORing the RAM address
|
||||||
|
with the contents of the ADDR\_RAM\_ADDR\_RAND register in the tk1
|
||||||
|
core. The result is used as the RAM address.
|
||||||
|
|
||||||
|
The data randomization is implemented by XORing the data written to
|
||||||
|
the RAM with the contents of the ADDR\_RAM\_DATA\_RAND register in the
|
||||||
|
tk1 core as well as XORing with the CPU address. This means that the
|
||||||
|
same data written to two different addresses will be scrambled
|
||||||
|
differently. The same pair or XOR operations is also performed on the
|
||||||
|
data read out from the RAM.
|
||||||
|
|
||||||
Note: the scrambling mechanism is NOT a cryptographically secure
|
Note: the scrambling mechanism is NOT a cryptographically secure
|
||||||
function. Even if it was, a 32 bit key would be too short to add any
|
function. Even if it was, a 32 bit key would be too short to add any
|
||||||
security.
|
security.
|
||||||
|
Loading…
Reference in New Issue
Block a user