I'm another client that wants to protect my Intellectual Property and keys.
Currently I use a Raspberry Pi in an industrial case with a Zymbit 4i security module, which is very good for keeping the contents of the SD card private. See https://www.zymbit.com/zymkey/.
This uses the I2C communication for the handling of security negotiations during the startup process and does verification checks as well for tampering with the original hardware.
I tried to see how to connect into the RevPi I2C bus but don't see a way in. Only SPI is available through the PiConnect Bridge.
Can I connect into I2C? Or how can I increase security?
I want to use this for all my industrial projects and replace the traditional closed limited industrial solutions, but your limited security is a problem factor. For example, if we buy a Siemens PLC S7-1500, it comes with security to access the logic and settings in the module.
I'm willing to work with you on this because as a product, RevPi is a great solution for my edge computer projects.
Security Concerns
> Currently I use a Raspberry Pi in an industrial case with a Zymbit 4i security module, which is very good for keeping the contents of the SD card private. See https://www.zymbit.com/zymkey/.
> This uses the I2C communication for the handling of security negotiations during the startup process and does verification checks as well for tampering with the original hardware.
And how does this work around the fact that RPi does not support secure boot? What keeps an attacker from booting their own software and then emulating whatever the "real" software would do on the i2c bus?
If your IP is really important to you, better invest some(one's) time into analyzing this device.
Also, beware of any devices that use the ATECC508A or ATECC608A. According to the Microchip website, they are "Not Recommended for new designs". I agree. The currently recommended module is the 608B. And even to use that one when facing physical security risks, you need to put a *lot* of thinking into it. I wonder if Zymbit got things right.
- FrancoTampieri
- Posts: 14
- Joined: 17 Nov 2020, 12:44
- Location: Imola
- Contact:
Hi, does anyone consider this:
https://www.wolfssl.com/products/wolfboot
https://www.wolfssl.com/wolfboot-secure ... spberry-pi
Maybe a nice alternative, and it is free:
https://github.com/wolfSSL/wolfboot
Disobedient Entrepreneur, IT Enthusiast, Senior Blockchain, Python, Odoo Developer with a dash of C#
I'm sure that WolfBoot is a great boot loader.
But how would one ensure that only an authentic wolfboot is booted?
See e.g. https://blog.nviso.eu/2019/04/01/enabli ... erry-pi-3/
You can add tamper detection: While the device is powered you can detect e.g. opened casing and then delete security keys. But someone might find a way to open the casing without triggering the alarm. The truth is that on a Raspberry Pi 3, it cannot
And if the device is ever powered down, either the security keys are lost or need to be re-entered manually.
I think that zymbit tries to do something like this; it contains a coin cell. I'm sure the device makes attacks a bit harder, but I'm sure it's breakable with reasonable effort.
- FrancoTampieri
Yeah, the problem is that a 100% secure system can't exist; our intention is to make the life of an industrial thief a little bit harder and not convenient. Starting from the hardware key for CAD software: every year some people hack and send virtual code keys to hack the programs. For sure, combining some techniques can be a good compromise.
Wulf wrote: ↑04 Mar 2021, 15:51
> I'm sure that WolfBoot is a great boot loader.
> But how would one ensure that only an authentic wolfboot is booted?
> ...
> ...
> I think that zymbit tries to do something like this; it contains a coin cell. I'm sure the device makes attacks a bit harder, but I'm sure it's breakable with reasonable effort.
Hello everyone, we no longer recommend this procedure of filling the micro-USB socket with adhesive to make it unusable: viewtopic.php?p=4964#p4964
viewtopic.php?p=3667#p3667