Hi all,
This may seem like a trivial matter to most of you. For some reason, I'm just having trouble wrapping my head around it.
My question is this: what is the inherent security advantage to placing a limit on (plaintext) serial updates once flash encryption is enabled? It seems to me that with flash encryption, we merely want to prevent unauthorized read access to the firmware and bootloader, so I don't understand where imposing a limit to flash updates fits in.
Again, my gut feeling tells me that I am missing something quite obvious. Any feedback is well appreciated.
Thanks!
Security Advantage of Limiting Serial Updates for Flash Encryption
-
- Posts: 30
- Joined: Mon Oct 15, 2018 2:10 am
Re: Security Advantage of Limiting Serial Updates for Flash Encryption
If you can upload plaintext and it ends up encrypted in flash then you can potentially use that to weaken or defeat the encryption and you can emulate the flash chip to make this easier. Actually you could probably also use a timing attack to defeat secure boot and run a malicious firmware (because you can encrypt it) and use it to decrypt the whole flash. Once you have the flash dump you can recover secret keys, user data, and the binary firmware. If you want to run a patched firmware you just have to replace the esp32 chip/module to control secure boot.
-
- Posts: 30
- Joined: Mon Oct 15, 2018 2:10 am
Re: Security Advantage of Limiting Serial Updates for Flash Encryption
This makes complete sense. Thank you!
Who is online
Users browsing this forum: No registered users and 106 guests