Firmware Obfuscation

Firmware Obfuscation

An incomplete framework (the flash programming code, the device's serial I/O code and the device's timer code has to be provided) for an obfuscating bootloader instead of an encrypting bootloader is presented in order not to infringe the US Export Control. This issue can be fixed easily by replacing the primitives (at least the hash function or the 128-bit block permutation) of the bootloader with secure code, and by omitting the writing of the obfuscation key into the firmware file (by commenting out line 18 of makeboot Program.cs; the obfuscated firmware file can be opened as a JSON file with TSF2JSON.EXE, see also https://www.tellert.de/?product=tsf).