Question: If our pics can 'code protect' themselves, why would we want to encrypt [for example] a user password, when its not possible for a potential hacker to get the password of our chip anyway?

the reason i ask is because ive been trying to learn how encryption works. see the image below for possibly the best explanation of a simple encryption below. when reading this, the above sprang to mind. why do i need to encrypt something? how would someone be able to read a persons password? the answer is i dont know. anyone care to divulge?

cheers, phil

Hi phil,

While "Protecting" code space in a pic does make it more difficult for someone to get your data out of it. It's not invulnerable. With enough determination and a bit of money, everything in the chip can be retrieved.

With that in mind, if they can get the data, they can get the encryption key or decryption key, whichever is available. So really, encrypting something on the chip won't really do much for you.

Where it will be of good use is encrypting data that will be sent out or in via RS232 or through a network, or anywhere that someone could intercept the data.

Another use might be to encrypt data that is in an external EEPROM. Those can be read very easily.

Best regards,
   Darrel

ok cheers darrel, so basically what your saying is that there is no set way of hiding a password from a potential hacker in a pic?
since the password would be encrypted, we would need a keyword, but then that would need to be encrypted with another keyword etc etc.
how would i go about hiding information in a closed system?
how do computers do it?
and finally, how does the pic's code protect work?

thanks, phil

Here's an interesting PDF file from Microchip that describes 4 different encryption techniques for the 18F chips. Unfortunately the actual modules available for download are written for C or assembly, but the PDF gives some good info on how it's done.
Data Encryption Routines for the PIC18   AN953
http://ww1.microchip.com/downloads/en/AppNotes/00953a.pdf

Or, this one for 16F's
Advanced Encryption Standard Using the PIC16XXX   AN821
http://ww1.microchip.com/downloads/en/AppNotes/00821a.pdf


and finally, how does the pic's code protect work?Other than what's in the data sheets, it's hard to say. But, here's a couple of ways it doesn't work.

This site shows how to retrieve data from a code protected 12C508A.
http://www.rampantapathy.co.uk/12c508a.html

The 16C84 seems to be the easiest to defeat.
http://www.brouhaha.com/~eric/pic/84security.html

Darrel

hmmmm..... thanks again darrel. i guess microchip dont want people to know their tricks :) very interesting.

thanks, phil

Hello Rastan,

Rastan>>hmmmm..... thanks again darrel. i guess microchip dont want people to know their tricks very interesting.<<

Darrels correct. Anything can be cracked. Mico's down to anything. Sometimes it may be critical to make sure its a little more secure than the average security, so you work extra hard to pay off. Look at the intel chip in your computer. Crack that baby, and what do you have? (ALOT!!! except when you try and use it for something other than yourself...then you have copywrite, EUA, and all other licenses you broke. You will also be sued too <g>. Thus, encryption is a variable that *you* control. the real questions comes down to the following:

1. How valuable is it?
2. How much time do you spend?
3. What are the odds you find that .00001 person who wants it that bad?

Dwayne