1

Is it possible to ensure that keys (e.g. ssid, ssl certs) are wiped from the memory of an esp32?

I'm new to the esp32, coming from an IoT device security perspective.

Say a person was testing an esp32 application that utilized Wi-Fi, in which sensitive keys are embedded in the firmware. They then overwrote the esp32 with a small LED blink firmware in an attempt to clear said keys.

I would like to know if flashing a small "blink" program will be sufficient to remove the keys, so the esp32 could be repurposed without worry that a firmware dump would reveal past firmware information.

This question is specifically targeting scenarios where the esp32 is for development purposes (fuse bits are never burnt - mind, I think there is a security flaw where the chip can be dumped anyhow).

PathToLife

1 Answer

2

You can use esptool.py to run an erase_flash operation.

Erase Flash: erase_flash & erase_region

To erase the entire flash chip (all data replaced with 0xFF bytes):

esptool erase_flash

To erase a region of the flash, starting at address 0x20000 with length 0x4000 bytes (16KB):

esptool erase_region 0x20000 0x4000

The address and length must both be multiples of the SPI flash erase sector size. This is 0x1000 (4096) bytes for supported flash chips.

-- esptool basic commands

As far as copy protection goes, you can encrypt the flash contents so even if the chip is read directly without the decryption key they won't be able to make any sense of the data.

Majenko
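A way to check the result of a wipe, as an added example that is not part of the original answer: given a dump of the flash (for instance one read back with esptool's read_flash), it lists the 4 KiB sectors that are not all 0xFF, looks for known secrets, and builds sector-aligned erase_region commands. The image contents, offsets, secret string and the `dump.bin` file name are constructed for illustration.

```python
SECTOR = 0x1000  # SPI flash erase sector size quoted in the answer above

def dirty_regions(image):
    """Merged (address, length) runs of sectors that are not entirely 0xFF."""
    regions = []
    for addr in range(0, len(image), SECTOR):
        sector = image[addr:addr + SECTOR]
        if sector == b"\xff" * len(sector):
            continue  # erased sector, nothing left behind
        if regions and regions[-1][0] + regions[-1][1] == addr:
            regions[-1][1] += SECTOR  # extend the previous run
        else:
            regions.append([addr, SECTOR])
    return [tuple(r) for r in regions]

def find_secrets(image, secrets):
    """Map each known secret still present in the image to its offsets."""
    hits = {}
    for secret in secrets:
        pos = image.find(secret)
        while pos != -1:
            hits.setdefault(secret, []).append(pos)
            pos = image.find(secret, pos + 1)
    return hits

def erase_commands(regions):
    """Sector-aligned erase_region command lines for the given runs."""
    return [f"esptool erase_region {addr:#x} {length:#x}" for addr, length in regions]

def sample_image():
    """Constructed 64 KiB dump: small new firmware plus data left from before."""
    image = bytearray(b"\xff" * 0x10000)
    image[0x1000:0x2800] = b"\x00" * 0x1800            # stand-in for the blink app
    leftover = b"ssid=LabNet;psk=constructed-demo-key"  # constructed secret
    image[0x9040:0x9040 + len(leftover)] = leftover
    return bytes(image)

if __name__ == "__main__":
    dump = sample_image()  # or open("dump.bin", "rb").read() for a real dump
    for secret, offsets in find_secrets(dump, [b"psk=constructed-demo-key"]).items():
        print(secret, [hex(o) for o in offsets])
    print("\n".join(erase_commands(dirty_regions(dump))))
```

In the constructed image the new firmware only touches the sectors it occupies, so the older data in a sector it never wrote is still found; a dump taken after a full erase_flash should give an empty region list.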