If your keys are in 3/4 parts, that's probably sufficient...
You bake in a public key for the device/projector... you sign the files on disk against the private key (for the encrypted hashcheck as a sanity check), you use an IV that combines with a secret key on the device to decrypt the file.
As long as you aren't too obvious, this would make the effort to play your own files at a different level without opening the device. Once you're willing to do that, you're probably going to be able to maybe just push your own firmware, which is a different issue... assuming most of the internals are common/available hardware with relatively open/common reference implementations. For a $10/pound device, I'm guessing so.
In the end, it was probably as much about satisfying the content rights holders as anything else. If it looks like a lock, it doesn't matter if you can cut it off with scissors.
For the concern of making tags harder to clone: Cheap contactless tags usually don’t support asymmetric cryptography (not even ECC), so this would significantly increase the BOM.
If the tags only carry the keys as storage media instead of using them for authentication, all cloning considerations apply again.
For not allowing playback of user files, this would be doable since the SoC is presumably freely programmable, but now you’re facing another problem:
Do you use one global key (then only one compromised projector is enough to break the entire system and the economics), or do you use a per-device key, which requires installing these keys at manufacturing time and individually recording each SD card?
Real-world defense is really not as trivial as the armchair security blogger perspective suggests.
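The global-key versus per-device-key trade-off raised in the comment above, as an added example that is not part of the original thread. The factory secret, serial numbers, nonce and payload are constructed, and the HMAC keystream is a stand-in for a real cipher such as AES-GCM.

```python
import hashlib
import hmac

def hkdf_sha256(ikm, info, length=32):
    """HKDF (RFC 5869) with an all-zero salt: extract, then expand."""
    prk = hmac.new(b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def toy_cipher(key, nonce, data):
    """Stand-in for AES-CTR/GCM: XOR with an HMAC-SHA256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

# Constructed sample values (assumptions, not from any real product).
FACTORY_SECRET = bytes(range(32))
SERIALS = ["proj-0001", "proj-0002", "proj-0003"]
NONCE = b"card-nonce-0"
CONTENT = b"constructed film payload " * 5

def device_key(serial):
    """Per-device key, provisioned at manufacturing time."""
    return hkdf_sha256(FACTORY_SECRET, b"device:" + serial.encode())

def master_cards_global(global_key):
    """One global key: a single card image works in every projector."""
    image = toy_cipher(global_key, NONCE, CONTENT)
    return {serial: image for serial in SERIALS}

def master_cards_per_device():
    """Per-device keys: every card must be recorded for one projector."""
    return {s: toy_cipher(device_key(s), NONCE, CONTENT) for s in SERIALS}

def exposed_by(leaked_key, cards):
    """Serials whose card content one extracted key would decrypt."""
    return [s for s, img in cards.items() if toy_cipher(leaked_key, NONCE, img) == CONTENT]

if __name__ == "__main__":
    g = hkdf_sha256(FACTORY_SECRET, b"global")
    print("global:", exposed_by(g, master_cards_global(g)))
    print("per-device:", exposed_by(device_key(SERIALS[0]), master_cards_per_device()))
```

With the global key, one extracted key covers every card; with per-device keys it covers one, at the cost of a distinct card image per projector.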
Of course... I'm just talking about raising the bar enough so that it would take a bit more than some casual observations to crack. Per my final statement in GP comment.
> In the end, it was probably as much about satisfying the content rights holders as anything else. If it looks like a lock, it doesn't matter if you can cut it off with scissors.
Most locks get broken eventually... the locks on houses, for example, rarely actually secure the home from intrusion... you have windows that are easy to break and enter/exit. It's about adding a modest effort in order to deter such action... nothing will ever stop it altogether. There's a difference between minimal effort, best appropriate effort, creating Fort Knox around your content and doing nothing at all.