Master code generation

Go To Last Post
15 posts / 0 new
Author
Message
#1
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Hi,

I have now designed and i am testing an electronic lock which uses a keypad. What i want to know is does anyone know how I can give each lock its own master code which will stay with the lock.

At the moment I declare the master code with a global variable, but this would be hard to do in production as each one would have to be typed into the program can someone give me any ideas how this is overcome.

thanks

James

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

I assume your product uses an avr, which has flash and eeprom. The eeprom file could be generated by a pc program that generates the unique lock code.

Imagecraft compiler user

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

So would the program just generate the code then write it to a specific area within the EEPROM. If so would it always be in the same area of the EEPROM

Also how would this program be written, do you have any ideas.

thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

I assume if you build 10,000 locks, they must all be programmed. I hope there is a production programmer that the board houses use to burn chips after they are soldered on boards. I assume some clever manufacturing engineer could have the lock generator program generate 10,000 .eep files, and the board stuffer/programmer will put the same .hex file and the next .eep file in every avr.

Imagecraft compiler user

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

That sounds good to me, get someone else to do it!
At the moment i intend on having the IC's pre-programmed before they are soldered. This would save on designing and building a programmer myself, all i would need to do is to make a tester to read off the code once built so we can give the number to the user.

thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Some people have reported that first locations in EEPROM can be prone to error if power goes out so maybe avoid those locations...

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

But if there was a way for a tester to read off the code then what's to stop the burglar doing the same thing? The point is that you have to think up a number, program it into this device and then use the security bits on the AVR in whatever way is necessary to prevent either your tester or anyone else ever being able to access the code again - otherwise this thing isn't a lock it's an open door!

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

To get to the IC the burgular would have to break the lock off, so there would be no reason to read the code off. I know what you mean though, at first i thought about entering the program in a single use mode. The end user would have to first enter there master code then a flag would be set so the lock starts up in it normal mode from then on. The problem with this is if they forget this code the lock would have to be destroyed.

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Just some thoughts...
You could have a light sensitive component or some microswitch which make the lock impossible to tamper with when top is opened.
You probably need your own "master code" equal to all locks so that you are able to program another master code if needed. Your own "master code" will switch off the safety gadgets so you can remove the top of the box.

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Lennart,

These are good ideas, but the fact is if someone wanted to go to the trouble of getting into the lock they could just as easy break the door.

The reason i want to have a master code for each unit is so if someone forgets there code they can come to us and we can give them the master code. This way the lock would not need to be destroyed.

thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Another possibility:

Leave the EEprom cell blank (0xFF) during ISP programming.
When your software sees all the 0xFF it refuses working, but waits for a code (USB,RS232,Keypad...)
Once the code is written into the EEPROM it can´t be changed (by the user) but the controller strats working it´s usual way.

The benifit i see is that you have "virign" boards.
You test it with a connection to a PC (this should be done without code) and after all test is OK the PC calculates a code number stores it in a database and prints out a label with the code. (in the database you can have the end-users name and address)
In my case the code is the serial number where i can see date of test combined with an increasing number.
Maybe for week 17 in 2007, 34 part programmed this week it could be like this: "0717034"
For enabling some features the enduser gives me the code and i give him a calculated/encrypted number....different for every feature and code.

Klaus
********************************
Look at: www.megausb.de (German)
********************************

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Master lock.

You can calculate an lock number connected with the serialnumber.
So if the enduser forgets the lock then he mails you the serial number and you can (calculate and) send him the lock number anew.
Take care of your calculation formula!

Klaus
********************************
Look at: www.megausb.de (German)
********************************

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

If someone destroys the door (with a chain saw?) than there is trouble for the owner of the lock.
If someone can tamper with the lock and get inside without destroying the door there might be trouble for the company that designed the lock...
(edited for missing word)

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Lennart,

This is true I think i need to speak to my manager and discuss the security level of this product. As always it will come down to cost!

MegaUSBFreak,
I agree that the method of writing the data then a printout with name and address would be good, but we will not be selling to the end user. We sell to manufactures of lockers, cabinets and furniture. No matter what the process i think i will have to create a database of all units along with there master codes. I am not sure how this will be controlled though as how do i know the person asking for the code owns the lock.

thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Quote:
MegaUSBFreak,
I agree that the method of writing the data then a printout with name and address would be good, but we will not be selling to the end user. We sell to manufactures of lockers, cabinets and furniture. No matter what the process i think i will have to create a database of all units along with there master codes. I am not sure how this will be controlled though as how do i know the person asking for the code owns the lock.

thanks

Ok, but we all have internet access.
You can buitl the database in a way that enduses can registrate online.

Klaus
********************************
Look at: www.megausb.de (German)
********************************