11
2
I am trying to copy-protect some work, which is a bootable SD card booting a Linux kernel on ARM device (Raspberry Pi). I am using this approach:
- The approach uses an initrd to mount an encrypted root filesystem.
- The initrd generates the filesystems' password according to the CID of the SD card. (a hash function is used, did not decide yet over md5 or sha1). Initrd will try to mount the filesystem using that generated password.
- Now here is the most interesting/suspect part: The initrd itself is encrypted using a custom C function, basically each byte is XOR'ed using a custom made pseudo random generator. Kernel is modified to have the same encrypting function, which works as decryptor.
- The system itself is stripped down so there is no way to use a keyboard or external storage. A single app runs full-screen.
So after the bootloader loads kernel and initrd, the kernel decrypts the initrd and executes its init script, which will generate the password and mount the root filesystem.
My question is: How easy it would be to break this setup (to decrypt the root filesystem and make it boot from any SD card)? What are the most weakest parts? How easy is to decompile the kernel and find those custom encrypting functions?
EDIT: Here are some corrections so you don't waste time with the obvious things:
- The root device will be encrypted with LUKS (aes256) and the key will be generated by some HMAC function using SD card's CID and some salt.
- The pseudo random algorithm for initramfs encrypting will be in fact RC4, just the key will be generated using some custom function, because if I just store the key in a byte array it makes it dead simple to retrieve it (yeah this is security through obscurity but there seem no other way).
- I understand that if using a SD card emulator someone can make a copy of this system start but this is OK with me, because its pretty difficult and not anyone can do this.(also not anyone will want to deal with emulators)
Where are the kernel and initrd stored? – user1686 – 2013-05-20T10:06:32.993
All are stored on a single SD card. Both in separate files. Stored as usual in /boot. – dimovnike – 2013-05-20T13:18:53.657