Questions regarding flash encryption and Secure Boot

[WiFive]

There is a factory image in the default ota partition table but it is not required and with big apps there is not much room for it on 4mb flash.

He meant if the devices have unique flash encryption keys which is much more secure since you can't "break one break em all".

[ESPtronic]

There is a factory image in the default ota partition table but it is not required and with big apps there is not much room for it on 4mb flash.

You're right. Fortunately mine isn't. And even if it was, I could simply buy more flash memory.

He meant if the devices have unique flash encryption keys which is much more secure since you can't "break one break em all".

Who said I wasn't going to use a unique flash encryption key? My idea is to make individual keys for each device and have a DB of keys for all the devices. It won't be expensive (1 TB HDDs can be purchased for 50 €).

[WiFive]

Yes so you could also encrypt the binary on the fly as you serve it to a specific client and hopefully all your devices don't update at once.

But you did say "storing the binary pre-encrypted in the server".

[ESPtronic]

But you did say "storing the binary pre-encrypted in the server".

Oh, sorry, I’ve just realized about the implications of storing the binary pre-encrypted in the server. My bad. I’ll probably just use the HTTPS method.

[malaimo]

@ESP_Angus Hello, I have some questions on the security of esp ota updates.. As I know we have two ways to protect codes, one is secure boot and the other is flash encryption , but if I use ota , I have to put the signed(if the secure boot is enabled) bin on the server, then the bin on the server is easy to leak，even if I use the https... Do you have some suggestions about that? can secure boot protect this?

[WiFive]

No you would need to add another layer of encryption on the bin file and store the shared decryption key on all the devices.

[malaimo]

No you would need to add another layer of encryption on the bin file and store the shared decryption key on all the devices.

Thanks for your response,
You give me some inspirations, I think I can do that like this
1. flash a shared decryption key to the devices when I give them out.
2. do decrypt in the ota bin file ,when update is over ,the app file code read the 1 step key from flash , then the devices that did not have the key will not boot up.

but if someone find the key in the flash, that will not work too..
Is my understanding right ? how to solve that?

[WiFive]

If you use flash encryption, secure boot, encrypted ota bin and ssl all together it should be secure.

[ESP_Angus]

As WiFive says, using flash encryption & secure boot together provides local physical firmware security. To protect data in transit over the network, you need additional steps.

To prevent OTA updates being downloaded by unauthorised parties, I'd recommend using HTTPS and some kind of authentication method based on a private key or other secret stored in the client ESP32 - either TLS Client Certificate auth, or some kind of secret device ID which is not broadcast but stored encrypted in the ESP32 flash.

The ESP32 identifies itself to the server over HTTPS, and then the sends provides the .bin image using TLS to encrypt the data transfer.

[WiFive]

Server can potentially be backdoored to get unencrypted bin file so encrypted ota bin is still better.