Tuesday, August 1, 2017

ESP8266 anti cloning system



If you are investing time and money in developing a new module you want to have confidence that no one will clone it.

Assuring the authenticity of a product is good for your brand image. No one wants their nice, cheap power socket to also mine bitcoins for someone else or take part in a DoS attack on an external command. So be wary of cheap IoT devices.

Since the flash memory of the ESP8266 is external to the MCU, you will need an external crypto chip (ATSHA204, EUR 0.5) to help authenticate your module.



Features:

  • Crypto Element with Protected Hardware-based Key Storage 
  • Secure Symmetric Authentication Device Host and Client Operations
  • Superior SHA-256 Hash Algorithm with Message Authentication Code (MAC) and Hash-Based Message Authentication Code (HMAC) Options 
  • Best-in-class, 256-bit Key Length; Storage for Up to 16 Keys
  • Guaranteed Unique 72-bit Serial Number 
  • Internal, High-quality Random Number Generator (RNG) 
  • 4.5Kb EEPROM for Keys and Data
  • 512-bit OTP (One Time Programmable) Bits for Fixed Information
  • Multiple I/O Options: UART-compatible High-Speed, Single-Wire Interface; 1MHz I2C Interface
  • 2.0V to 5.5V Supply Voltage Range 
  • 1.8V to 5.5V Communications Voltage Range 
  • <150nA Sleep Current 
  • Secure Download and Boot, Ecosystem Control, Message Security, Anti-Cloning
  • 8-lead SOIC, 8-lead TSSOP(2), 3-lead SOT23, 8-pad UDFN, 8-pad XDFN, and 3-lead CONTACT Packages

Applications:

  • Secure Download and Boot 
  • Ecosystem Control 
  • Anti-cloning 
  • Message Security


Basically, the ESP computes a challenge and passes it to the crypto chip. The chip's solution to the challenge is then compared with the expected one, and if the two match, the board is authentic. The ESP8266 will not start if the challenge is not solved correctly.

ATSHA204 Challenge Response
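The exchange described above, modelled in software as an added example (not code from the original post): a stand-in for the ATSHA204 computes a SHA-256 MAC over the key and a fresh 32-byte challenge, and the host compares it with the value it expects. The Mode 0 message layout, the fixed serial-number bytes and the names `SimulatedChip`, `ReplayChip` and `PRODUCT_KEY` are assumptions to check against the datasheet; the key is a constructed sample.

```python
import hashlib
import hmac
import secrets

OPCODE_MAC = 0x08               # MAC command opcode (assumed from the datasheet)
SN_0_1 = bytes([0x01, 0x23])    # fixed serial-number bytes SN[0:1] (assumed)
SN_8 = bytes([0xEE])            # fixed serial-number byte SN[8] (assumed)

def mac_digest(key, challenge, mode=0, slot=0):
    """SHA-256 over the assumed 88-byte Mode 0 MAC message."""
    if len(key) != 32 or len(challenge) != 32:
        raise ValueError("key and challenge must be 32 bytes each")
    msg = (key + challenge
           + bytes([OPCODE_MAC, mode]) + slot.to_bytes(2, "little")
           + bytes(8) + bytes(3)      # OTP[0:7] and OTP[8:10], zero in Mode 0
           + SN_8 + bytes(4)          # SN[8], then SN[4:7] zeroed in Mode 0
           + SN_0_1 + bytes(2))       # SN[0:1], then SN[2:3] zeroed in Mode 0
    return hashlib.sha256(msg).digest()

class SimulatedChip:
    """Stand-in for the ATSHA204: keeps a key and answers MAC requests."""
    def __init__(self, key):
        self._key = key
    def mac(self, challenge):
        return mac_digest(self._key, challenge)

class ReplayChip:
    """Responder that returns one recorded answer whatever the challenge is."""
    def __init__(self, recorded):
        self._recorded = recorded
    def mac(self, challenge):
        return self._recorded

def authenticate(chip, expected_key, challenge=None):
    """Host side: issue a fresh random challenge and verify the response."""
    challenge = challenge or secrets.token_bytes(32)
    expected = mac_digest(expected_key, challenge)
    return hmac.compare_digest(chip.mac(challenge), expected)

PRODUCT_KEY = bytes(range(32))        # constructed sample key, not a real secret
genuine = SimulatedChip(PRODUCT_KEY)
clone = SimulatedChip(bytes(32))      # board whose chip lacks the product key

if __name__ == "__main__":
    print("genuine board starts:", authenticate(genuine, PRODUCT_KEY))
    print("cloned board starts: ", authenticate(clone, PRODUCT_KEY))
    old = genuine.mac(bytes(32))      # response recorded for an all-zero challenge
    print("replayed answer passes:", authenticate(ReplayChip(old), PRODUCT_KEY))
```

The host needs the same key to compute the expected value, so on the ESP8266 the strength of this check depends on where that key is kept, since the flash is external to the MCU. A fixed challenge would accept the replayed answer, which is why the host draws a new random one on every boot.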


The chip I've used is the ATSHA204 and it has I2C and SWI as interfaces.

You can read the Application Notes here.


SWI interface



And the I2C version.

I2C version

First, check that the chip was not altered before it reached you. Compare the register values with the default values given in the manual to confirm that nobody modified the chip between the factory and you.

Here you will find all documentation related to the chip, how to configure it, how to debug it and more.

Trying to clone an ESP8266 module:


Anti-cloning system in action