Question on security of .bin file

spyder0069
Posts: 35
Joined: Tue Jan 29, 2019 2:46 am

Question on security of .bin file

Postby spyder0069 » Mon Aug 26, 2019 7:43 pm

I happen to look at the .bin file created by arduino and noticed that there were several things that show up as plain text in it. I have variables that contain default passwords and such that I prefer not to be openly viewable.

In my project I use OTA so I need the bin files for that process. Is there a way to hide variables to not be stored as plain text in the .bin? Any other ideas how to protect sensitive info but still allow OTA?

ESP_Sprite
Posts: 9759
Joined: Thu Nov 26, 2015 4:08 am

Re: Question on security of .bin file

Postby ESP_Sprite » Tue Aug 27, 2019 3:35 am

The canonical way would be to have the encryption and authentication in the transport layer. Have the ESP32 connect to the OTA server using HTTPS, use some kind of shared secret to make sure that the server is actually talking to one of your boards and certificate pinning to make sure the board is talking to your HTTPS server, then send the bin file over the HTTPS connection.

spyder0069
Posts: 35
Joined: Tue Jan 29, 2019 2:46 am

Re: Question on security of .bin file

Postby spyder0069 » Tue Aug 27, 2019 4:06 am

I was probably not as clear as I needed to be. My project has things such as default wifi passwords, ftp site passwords and such. Things that I want to keep hidden but when I open the .bin file in notepad I am able to see these among the text at the top of the file. One thing that I noticed is it seems to be data that was assigned to a String variable. It seems if I put the data in a Char then it doesn't show up in the .bin as plain text. I do use a lot of String variables and am pretty far along on the project. I may convert just the variables that are sensitive. Is there anyway of preventing the String variables from showing up as plain text in the .bin?

ESP_Sprite
Posts: 9759
Joined: Thu Nov 26, 2015 4:08 am

Re: Question on security of .bin file

Postby ESP_Sprite » Tue Aug 27, 2019 6:25 am

Well, if you have the binary and don't encrypt it with a key that's not retrievable from the outside, things like the password can *always* be found out. Worst case, someone programs the bin file into a new esp32 and sets a breakpoint on the location where WiFi starts up; you can just read the password from RAM that way.

What's your threat model here? What attacks are you trying to stop people from doing, and what data (presumably WiFi username/password) are you trying to protect, and from whom?

spyder0069
Posts: 35
Joined: Tue Jan 29, 2019 2:46 am

Re: Question on security of .bin file

Postby spyder0069 » Tue Aug 27, 2019 1:01 pm

Every home has a lock set. However, you do have people that can pick the lock, use bump keys, or simply kick the door in. Yet we use a cheap lock set because it provides good enough security. I understand there will always be a way someone can find a way in but I just don't want to leave the door wide open. :D

This is a project that will be going into production. The wifi password would be used in the production environment for pretesting. Having to type it in manually would slow things down. While the shop is remote and I will have a separate router that it attaches to I just prefer info such as this not to be easily seen by the public. There is some other info such as this that has the same sensitivity.

spyder0069
Posts: 35
Joined: Tue Jan 29, 2019 2:46 am

Re: Question on security of .bin file

Postby spyder0069 » Tue Aug 27, 2019 7:35 pm

Looks like I was wrong the char array. It doesn't show up in the .bin initially but if you do something with it then the value shows as plain text as well.

chegewara
Posts: 2376
Joined: Wed Jun 14, 2017 9:00 pm

Re: Question on security of .bin file

Postby chegewara » Tue Aug 27, 2019 8:13 pm

You could use 2-3 char arrays that will be concatenated just before connecting to wifi AP.

spyder0069
Posts: 35
Joined: Tue Jan 29, 2019 2:46 am

Re: Question on security of .bin file

Postby spyder0069 » Tue Aug 27, 2019 8:41 pm

That is actually what I was just working on. :^) I would just use ssid and passwords that were scrambled letters and have my array out of sequence too. Kind of the long way around the issue.

ESP_Sprite
Posts: 9759
Joined: Thu Nov 26, 2015 4:08 am

Re: Question on security of .bin file

Postby ESP_Sprite » Wed Aug 28, 2019 4:45 am

spyder0069 wrote:
Tue Aug 27, 2019 1:01 pm
Every home has a lock set. However, you do have people that can pick the lock, use bump keys, or simply kick the door in.
Sure, that is why I asked about your threat model.

If these credentials indeed are only used for testing: Any chance you can e.g. store the credentials you need somewhere else than in the program (e.g. an NVS-partition in flash), then just bulk-erase that partition in the last step of testing? No one can decypher what's not there ;)

spyder0069
Posts: 35
Joined: Tue Jan 29, 2019 2:46 am

Re: Question on security of .bin file

Postby spyder0069 » Wed Aug 28, 2019 5:22 am

Those are just an example. The app also does a ftp of data to a site so it needs the site credentials as well.

Who is online

Users browsing this forum: No registered users and 58 guests