I want to use Flash Encryption without Secure Boot. Otherwise, I get a very complex manufacturing process for my products. I flash my encrypted app and the encryption key, etc., and then I write-protect the eFuse with
espefuse.py --port PORT write_protect_efuse FLASH_CRYPT_CNT
What could be the vulnerability of such code?
Do I still need to use a secure bootloader?
Using Flash Encryption without Secure Boot
Re: Using Flash Encryption without Secure Boot
Without secure boot a hacker could flash executable code that could read out decrypted flash?
Re: Using Flash Encryption without Secure Boot
I'm interested in what a hacker can do if I write-protect the eFuse FLASH_CRYPT_CNT.
Re: Using Flash Encryption without Secure Boot
Sorry, missed the write protect bit. It seems that would prevent you writing a modified stub to RAM and executing an exploit on it, but you never want to update devices ever again? It feels brave when more heavily resourced embedded products than mine in my sector get 10 update versions in 5 years, for issues unforeseen. What if a security weakness that could read flash is found? Then all your devices in the field would remain vulnerable. Maybe it depends on your market.
Re: Using Flash Encryption without Secure Boot
My devices get updates via OTA, so there's no problem. I was just wondering whether I could understand the point of using a secure bootloader when write to this fuse is blocked. As a result, I don't see the need for a secure bootloader in this case, but I decided to use the secure bootloader in my project anyway (with a fixed key), because it does not complicate the production process and adds a bit of security. Otherwise, it takes about 2 minutes to create a new key and recompile the project for each device.
Also, I use Flash Encryption (with a fixed key), one for all devices, and transfer already-encrypted OTA data without further decryption when writing it to flash.
Additionally, I use my own encryption method for OTA files, with decryption on the fly when receiving OTA blocks. I also add some individual information after the main OTA code (for example the MAC address) and check it every time the device starts. Thus, it prevents copying the OTA partition between my devices.
I'm probably a maniac, but it works.))
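To make the device-binding idea in the post above concrete, here is an added example; it is not the poster's code and not part of ESP-IDF. It models the scheme on the host side: a build step appends a trailer (a magic marker, the target device's 6-byte MAC, and an authentication tag) after the image, and the boot-time check refuses an image whose MAC does not match the device it is running on. The HMAC-SHA256 tag over image and MAC is an addition beyond the post's plain MAC comparison: without it, a copied partition could simply have its MAC field patched to match the new device. `BINDING_KEY`, the MAC addresses and the firmware bytes are constructed placeholders.

```python
import hmac
import hashlib

# Constructed values for this example only; a real build server would hold
# a secret binding key that never ships inside the image.
BINDING_KEY = bytes.fromhex("00" * 32)  # placeholder key, NOT a real secret
MAGIC = b"BIND"
MAC_LEN = 6
TAG_LEN = 32  # HMAC-SHA256 output
TRAILER_LEN = len(MAGIC) + MAC_LEN + TAG_LEN


def bind_image(image: bytes, device_mac: bytes, key: bytes = BINDING_KEY) -> bytes:
    """Build step: append MAGIC || MAC || HMAC-SHA256(key, image || MAC)."""
    if len(device_mac) != MAC_LEN:
        raise ValueError("MAC address must be 6 bytes")
    tag = hmac.new(key, image + device_mac, hashlib.sha256).digest()
    return image + MAGIC + device_mac + tag


def verify_bound_image(blob: bytes, device_mac: bytes, key: bytes = BINDING_KEY) -> bool:
    """Boot-time check: trailer present, MAC is this device's, tag authentic."""
    if len(blob) < TRAILER_LEN:
        return False
    image, trailer = blob[:-TRAILER_LEN], blob[-TRAILER_LEN:]
    magic = trailer[:len(MAGIC)]
    mac = trailer[len(MAGIC):len(MAGIC) + MAC_LEN]
    tag = trailer[len(MAGIC) + MAC_LEN:]
    if magic != MAGIC:
        return False
    # Constant-time comparisons so the check does not leak via timing.
    if not hmac.compare_digest(mac, device_mac):
        return False
    expected = hmac.new(key, image + mac, hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected)


def demo():
    """Bind an image to device A, then try it on device B two different ways."""
    firmware = b"\xe9" + b"\x00" * 63  # constructed stand-in for an app image
    mac_a = bytes.fromhex("246f28000001")  # constructed MAC of device A
    mac_b = bytes.fromhex("246f28000002")  # constructed MAC of device B

    bound = bind_image(firmware, mac_a)
    ok_on_a = verify_bound_image(bound, mac_a)      # legitimate device
    ok_on_b = verify_bound_image(bound, mac_b)      # partition copied to B: MAC mismatch

    # Copied partition with the MAC field rewritten to B's address but the
    # original tag left in place: the tag no longer matches, so it is rejected.
    mac_off = len(firmware) + len(MAGIC)
    patched = bound[:mac_off] + mac_b + bound[mac_off + MAC_LEN:]
    ok_patched = verify_bound_image(patched, mac_b)

    return ok_on_a, ok_on_b, ok_patched


if __name__ == "__main__":
    print(demo())  # (True, False, False)
```

On the device the same check would run in C before the app is trusted; the example only shows the trailer layout and the decision logic. Note that the check is only as strong as the code that performs it: with flash encryption but no secure boot, whatever verifies the trailer must itself be protected from replacement, which is the trade-off the thread is discussing.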