[Avila] How I can protect my program from not authorized reading via JTAG?

[Nikita Tabatsky]

------=_Part_11054_20918605.1172139912905
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Thanks Tim and Gordon for your answers.

I have understood, unfortunately ixp425 have not internal flash memory (such
as for example MSP, AVR, and other flash based uC),
 therefore can not disable JTAG

And one more question:
Can the program know that it is started with JTAG?

Nikita

On 2/15/07, Gordon Edmonds <gedmonds at gateworks.com> wrote:

The difference with the MSP430 is that the software is held in internal
> Flash in the microcontroller. It never needs to come out. If you were to
> put
> software in the Flash on a GW2348 and "blow the fuse", the CPU would never
> be able to read it.  That's why StrataFlash parts don't have security
> fuses...
>
> Gordon Edmonds
> Gateworks Corporation
> 3026 S. Higuera Street
> San Luis Obispo, CA 93401
> 805-781-2000
> gedmonds at gateworks.com
>
>
> -----Original Message-----
> From: David Acker [mailto:dacker at roinet.com]
> Sent: Thursday, February 15, 2007 10:54 AM
> To: Avila
> Subject: Re: [Avila] How I can protect my program from not authorized
> reading via JTAG?
>
> Tim Harvey wrote:
> > Nikita,
> >
> > I've often thought about this as well.  There really isn't any way to do
> this.  For starters, Gateworks programs the firmware on their boards using
> the JTAG connector, so the connector will always be loaded on the
> board.  If
> they were to move to pads/testpoints vs a physical connector this would
> make
> it more difficult for someone not familiar with the board to read but
> certainly not for the resourceful.  That said, removing the connector
> and/or
> possibly resistors that may link that connector to the JTAG chain would
> make
> it more difficult but not for the resourceful.
> >
> > In my opinion, because you will never be able to keep someone from
> reading
> the JTAG chain you would have to do something to encrypt/protect the info
> from the flash they would be able to read which may require quite a bit of
> bootloader/kernel modification.
> >
> > Of course, regardless of the time/effort/$$ you put into protecting a
> system if someone really wants to get into it and has the know-how they
> probably will (ie, XBOX, XBOX-360, DVD CSS encryption, DVD-HD and Blueray
> -
> these have all been hacked)
> >
> > I wonder if there is a way to 'blow' the JTAG circuits on some/all of
> the
> devices to make it impossible to read via JTAG (and impossible to
> re-program
> a bricked board).
> >
> > Tim
>
>
> I used to use TI's MSP430 and http://www.softbaugh.com sold a JTAGer
> that would do exactly that for use in manufacturing.  Put the software
> on it and blow the fuse.
> -Ack
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: avila-unsubscribe at lists.unixstudios.net
> For additional commands, e-mail: avila-help at lists.unixstudios.net
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: avila-unsubscribe at lists.unixstudios.net
> For additional commands, e-mail: avila-help at lists.unixstudios.net
>
>

------=_Part_11054_20918605.1172139912905--