Hey there. After spending a while on reading the documentation about Flash Encryption + Secure Boot, I found a line which says that device firmware may still be modified even with Flash Encryption, and to use Secure Boot to prevent that.
The setup is the following:
> Flash Encryption with Release mode
> HTTPS OTA Update only with pre-set certificate validation
Short said, the device only can update using the firmware provided by the server.
Also can Secure Boot be enabled on such a device with Flash Encryption in Release mode? (I am sure it is not but asking just in case)
How secure is using Flash Encryption in Release mode without Secure Boot?
-
ESP_Zombie
- Posts: 20
- Joined: Tue Mar 15, 2022 6:15 am
Re: How secure is using Flash Encryption in Release mode without Secure Boot?
Hi __xwtk
In this way, you can try OTA a new_app.bin with software secure boot. For details, please refer to this link https://docs.espressif.com/projects/esp ... ecure-boot
In this way, you can try OTA a new_app.bin with software secure boot. For details, please refer to this link https://docs.espressif.com/projects/esp ... ecure-boot
Re: How secure is using Flash Encryption in Release mode without Secure Boot?
Great thank you very much!ESP_Zombie wrote: ↑Tue May 16, 2023 6:58 amHi __xwtk
In this way, you can try OTA a new_app.bin with software secure boot. For details, please refer to this link https://docs.espressif.com/projects/esp ... ecure-boot
Who is online
Users browsing this forum: Majestic-12 [Bot] and 26 guests