Forum Rule: Always post complete source code & details to reproduce any issue!
Results 1 to 6 of 6

Thread: Teensy 3.6 as Usbdongle

  1. #1
    Junior Member
    Join Date
    Jun 2019
    Posts
    4

    Teensy 3.6 as Usbdongle

    Hi! Im searching way to use the Teensy as an Usb dongle like elicenser - is this possible?
    I will try simply to protect my own Software from piracy with an teensy..😁👍

  2. #2
    Senior Member pictographer's Avatar
    Join Date
    May 2013
    Location
    San Jose, CA
    Posts
    664
    Should be possible. You control the software at both ends. The Teensy has persistent memory to store keys and licence parameters. The Teensy can run authentication algorithms and other crypto functions. There are security settings to prevent read back and to prevent rewriting the software, though I don't know what assurances the manufacturer of the main MCU offers regarding difficulty of getting past these..

  3. #3
    Senior Member
    Join Date
    Apr 2013
    Posts
    1,883
    That said, unless you are planing to actually leave some critical part of your code out and actually execute on a Teensy or use the crypto hardware you can probably use the smaller 3.2 or even an LC if the aim is just to do some form of rolling code or value lookup process. All of them broadly similar hardware protection against reverse engineering/code download (expensive to defeat but not impossible).

  4. #4
    Senior Member PaulStoffregen's Avatar
    Join Date
    Nov 2012
    Posts
    20,301
    On all the Teensy 3.2, 3.5, & 3.6, you can turn on the code security lock by editing FSEC in mk20dx128.c.

    But read the comments carefully regarding the caveats of using the code security lock. The main issue is the Program button behavior changes. Normally it just enters programming mode. If you touch it accidentally, you can always just power cycle the board. Nothing gets erased or changed until you actually upload with Teensy Loader. But when security is locked, pressing the button causes a full wipe of all flash and eeprom memory. Of course, if you do this and then upload new code with Teensy Loader, then that's good. But if you accidentally touch that button when security is locked, all your code is fully erased.

  5. #5
    Junior Member
    Join Date
    Jun 2019
    Posts
    4
    Ya my idea to block the reverse engineering is simple.. i will full block the the reading of the internal flashmemory so no one can read out what the code is..
    https://www.pjrc.com/teensy/K66P144M180SF5RMV2.pdf
    See Chapter 9, Security - its very easy to do this.. xD
    My idea is to make an mainexecutable with defined Parameters but without values(that means that all values are zero).. the correct varibale values are only storaged encrypted in the teensy and only an vailed serial where is entered on an keypad will unlock the datatransfer to the pc.
    other thinks like memory modification check can be handled with hashes like SHA-1 if an hash wrong will the value transmission be blocked, and the programm crashes, just an idea.

  6. #6
    Senior Member pictographer's Avatar
    Join Date
    May 2013
    Location
    San Jose, CA
    Posts
    664
    If you're up for it, I think you can make it more convenient and more secure. What you described doesn't protect against replay attacks. Imagine the attacker uses a Bus Pirate or USB protocol analyzer to capture the traffic between the Teensy and your software. With that information, they can program their own Teesny to replay the values and activate your software.

    If you implemented mutual authentication based on a challenge-response scheme, the attacker could record valid authentications for years with very little chance of seeing the same challenge/response pair twice. This has the UX benefit that the user doesn't need to key in a serial number, except during enrollment; or maybe the provisioning would be done as part of order fulfillment and the user would never need a keypad.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •