Are all the old ESP32 versions with the outdated secure boot discontinued?

JosuGZ
Posts: 48
Joined: Tue Jan 14, 2020 9:47 am

Are all the old ESP32 versions with the outdated secure boot discontinued?

Postby JosuGZ » Mon Sep 13, 2021 1:31 pm

Hi, I'm seeing that the old versions of the ESP32, the ones vulnerable to fault injection, are not recommended for new designs. Should I worry and update my process? As far as I know, the same firmware should work, but new tooling is needed to enable Secure Boot and generate the keys, etc, which would be problematic should I need units for some projects. I would also need a new bootloader which may or may not fit on my partition layout.

ESP_Sprite
Posts: 9770
Joined: Thu Nov 26, 2015 4:08 am

Re: Are all the old ESP32 versions with the outdated secure boot discontinued?

Postby ESP_Sprite » Tue Sep 14, 2021 1:33 am

You could still use the old SecureBoot; the V3 still supports that and we fixed the issues that made the process glitchable in earlier versions. SecureBoot V2 is a bit more secure (as it uses public/private keypairs for signing the bootloader, meaning it's physically impossible to get the signing key in whatever way from a chip) but if V1 satisfies your requirements, there's nothing to stop you using that instead.

JosuGZ
Posts: 48
Joined: Tue Jan 14, 2020 9:47 am

Re: Are all the old ESP32 versions with the outdated secure boot discontinued?

Postby JosuGZ » Tue Sep 14, 2021 7:23 am

Ok, thanks!

Then I have two questions:

1- There is an old project where I was burning the secure boot and flash encryption keys using the tools provided by IDF 3.2, will that still work? I was doing that since it had no OTA so I needed to be able to reflash the whole firmware already encrypted if I wanted to upgrade.

-2 Having Secure Boot V1 with the new chips fixes the voltage glitching problem, correct?

ESP_Sprite
Posts: 9770
Joined: Thu Nov 26, 2015 4:08 am

Re: Are all the old ESP32 versions with the outdated secure boot discontinued?

Postby ESP_Sprite » Tue Sep 14, 2021 10:45 am

1. I think so. The ESP ECO fuses should be compatible.
2. Yes.

JosuGZ
Posts: 48
Joined: Tue Jan 14, 2020 9:47 am

Re: Are all the old ESP32 versions with the outdated secure boot discontinued?

Postby JosuGZ » Thu Sep 16, 2021 3:16 pm

Thanks! It seems to work.

Is this bit needed though?: ABS_DONE_1

Who is online

Users browsing this forum: No registered users and 47 guests