how to store sensible data that cannot be accessed

[aygh4266]

Hello everyone,

Since I am new in espressif world. I would like to know how to store sensible data like signature key in esp32s3.
I came across nvs encryption. Is this the write way to do that ??

Best regards

[MicroController]

I came across nvs encryption. Is this the right way to do that ??

It might be.
However, specifically for signing keys, the Digital Signature peripheral with key material stored in read-protected eFuses may be a better/more secure option.

[aygh4266]

I came across nvs encryption. Is this the right way to do that ??

It might be.
However, specifically for signing keys, the Digital Signature peripheral with key material stored in read-protected eFuses may be a better/more secure option.

Thanks a lot for the quick answer. I have read more about the nvs encryption and the flash encryption. Enabling the flash encryption is a prerequisite fpr nvs encryption. Since the key for flash encryption is stored in the eFuse (in the hardware) and the nvs key in the partition nvs key (so in the software), it makes me confused why the flash encryption a prerequisite is.

[MicroController]

The NVS encryption key is stored in the NVS key partition in flash, so without flash encryption the NVS key would be easily extractable from flash by an attacker.
The hardware-based flash encryption itself is not really suitable for NVS use because NVS needs to update small pieces of data in flash each time an entry is created or updated, which the hardware encryption doesn't support.

[aygh4266]

The NVS encryption key is stored in the NVS key partition in flash, so without flash encryption the NVS key would be easily extractable from flash by an attacker.
The hardware-based flash encryption itself is not really suitable for NVS use because NVS needs to update small pieces of data in flash each time an entry is created or updated, which the hardware encryption doesn't support.

Ok but the flash encryption is based on storing the key in eFuses which the nvs encryption doesn't do. I can understand that the nvs key should be encrypted but I can't understand how it will be encrypted.
So the nvs key will be stored in the nvs key parition in flash and the nvs key parition will be encrypted using flash encryption, which will use another key stored in the eFuse. Is my interpretation correct ?

[MicroController]

So the nvs key will be stored in the nvs key parition in flash and the nvs key parition will be encrypted using flash encryption, which will use another key stored in the eFuse. Is my interpretation correct ?

Yes

[aygh4266]

So the nvs key will be stored in the nvs key parition in flash and the nvs key parition will be encrypted using flash encryption, which will use another key stored in the eFuse. Is my interpretation correct ?

Yes

Ok thanks a lot . So since the nvs key ist not executable cause it is hardware-encrypted , as a result, a physical readout of nvs parition, where the encrypted data will be stored later, will not be sufficient to recover most contents.

Sorry for the many questions, but I read an article and it confused me a lot