RPiDRM module allows software developers to control digital rights for their software/IP. The extension module implements several cryptographic functions (ECC asymmetric encryption, AES symmetric block encryption, true random key generation, Diffie-Hellman key exchange, ECDSA) that provides counterfeit detection (copy protection), off-board data encryption for secure server-client communication with safe password storage and handling. Communication between the Pi and the RPiDRM modules is based on UART at the moment, I2C support is under development.
The Pi itself does not enable you to keep your software from being copied and used in any number of instances. Copying and SD card is easy and straightforward. By adding the RPiDRM module to your setup, your software runs as intended only if the corresponding PiDRM device is connected. Cloning or mimicking and RPiDRM device is extremely difficult, due to the security cryptographic algorithms provide.
Plug and use with your standard Raspberry Pi.
Easy installation in a few steps:
- Insert periodic DRM check code
- Set your public key
- Plug your PiDRM device
- Done, your software is protected
See more details below or download the technical specification.
The primary use-case of the device is to check whether the genuine PiDRM device is connected to the Raspberry PI or not (based on the ECDSA algorithm). We provide a C-based static library that handles the communication with the device and the validation process. Your application needs to start the library and handle “genuine” and “not genuine” cases.
Secondary use of the device is to store secret passwords and encrypt data (AES) off the Raspberry PI, in the Pi-DRM, and send encrypted packets to servers that also have access to the specific AES keys, thus being able to decrypt messages. Read protection can be applied to keys, preventing users from reading them out. Multiple independent AES channels are available.
Copy protection for any (C/C++) software
on Raspberry Pi.
Only with a few additional rows of source code in your application.
Show me some source code!
Visit our homepage on GitHub to see examples and use cases for PiDRM.
Communication between the Pi and the RPiDRM board is based on UART at the moment (standard 115200 8N1). I2C support is being developed. The applied protocol implements packetization and error detection.
Four independent AES channels are available to encrypt/decrypt custumer data packets. Each channel can be configured with different passwords (generated or defined) and protection bits (read/write protection).
The device implements ECDSA (Elliptic Curve Digital Signiture Algorithm) for genuine detection. Individual or group key modes are available for genuineness tests. The private key for the individual mode can only be generated randomly and read as long as the read protection is not set. The group key can be set manually to create multiple interchangable RPiDRM units for you or your customers. The public key can be read (if enabled) or stored on the Pi. A device is considered genuine only if matching private and public keys are used.
Keys can be set manually or generated. Key generation is based on true random number generation. Multiple hardware entropy sources are used to provide real randomness. Keys can be secured by read/write lock bits.
UART communication is secured by Diffie-Hellman key exchange and AES encryption against evesdropping.
How to install PiDRM in four steps?
DRM for Raspberry Pi
HU, 1102, Budapest, Szent László tér 20.
+36 1 260 5869