0

I want to store a password in my ESP8266 program, but I can't figure out a way to do it that makes it inaccessible to hackers. Even if I encrypt it, I'd still need to store the private key for the encryption process somewhere. I only have two ideas and both have issues:

  1. As a const in program code
    The compiled binary will be publicly available, so anyone who is able to spend some time interpreting the compiled file would eventually be able to find the password stored in it.
  2. In EEPROM
    This is at least safe from people who aren't users, but any user would still be able to upload their own program and read the EEPROM to find the password.

Surely this is a common issue, especially in commercial products. What is the solution that I'm not thinking of?

ocrdu
Blaine

2 Answers

1

The ESP8266 is the wrong device for this. You cannot store anything inside it with protection against read-out.

Any user software is in external memory, so even hobbyists can read all of it. If you provide the binary for download (because of updates, or a DIY build), it even simplifies the read-out.

If you apply asymmetric encryption, for example via a key from an external server, you cannot stop a hacker from applying the same algorithm.

Final note: There is no such thing as absolute security. You can reach some degree, but it is hard.

the busybee
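The read-out concern raised in the question's first option and in the answer above can be turned into a pre-release check on your own build. This is an added example, not code from the original posts: it reports whether a secret you know is still present in a firmware image, either in the clear or XORed with a single byte. The function names, the sample images, the secret and the XOR key 0x5A are all constructed for illustration.

```python
"""Release-gate check: does a firmware image still contain a known secret?"""
from __future__ import annotations


def find_secret(image: bytes, secret: bytes) -> list[tuple[int, int]]:
    """Return (offset, xor_key) for each copy of `secret` in `image`.

    xor_key 0 means the secret is stored in the clear; any other value means
    it is stored XORed with that single byte. XOR with a constant leaves the
    difference between neighbouring bytes unchanged, so one search over the
    byte-to-byte differences covers all 256 keys.
    """
    if len(secret) < 2:
        raise ValueError("secret must be at least 2 bytes long")
    deltas = bytes(a ^ b for a, b in zip(secret, secret[1:]))
    image_deltas = bytes(a ^ b for a, b in zip(image, image[1:]))
    hits = []
    pos = image_deltas.find(deltas)
    while pos != -1:
        hits.append((pos, image[pos] ^ secret[0]))
        pos = image_deltas.find(deltas, pos + 1)
    return hits


def audit(image: bytes, secrets: dict[str, bytes]) -> dict[str, list[tuple[int, int]]]:
    """Map each leaked secret's name to its hits; an empty dict means clean."""
    report = {name: find_secret(image, value) for name, value in secrets.items()}
    return {name: hits for name, hits in report.items() if hits}


# Constructed sample data (not a real firmware image or credential).
SECRET = b"constructed-pw-1234"
_HEAD = bytes.fromhex("e9030240") + bytes(28) + b"ssid=demo-net\x00"
_TAIL = b"\x00" + b"\xff" * 32
IMAGE_CONST = _HEAD + SECRET + _TAIL                           # plain const in code
IMAGE_XORED = _HEAD + bytes(b ^ 0x5A for b in SECRET) + _TAIL  # "hidden" with XOR
IMAGE_CLEAN = _HEAD + _TAIL                                    # secret not shipped

if __name__ == "__main__":
    for label, img in [("const", IMAGE_CONST), ("xored", IMAGE_XORED), ("clean", IMAGE_CLEAN)]:
        print(label, audit(img, {"wifi_password": SECRET}))
```

A non-empty report means the published binary carries the secret, so the build should fail until the secret is removed from the image.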
1

As @the busybee already said, the ESP8266 is the wrong chip for such applications, since you always have the possibility to change the firmware. You could write your own bootloader that only accepts your firmware, but this is a huge project by itself.

Encrypting the data should normally be totally OK, if the encryption algorithm is sufficiently strong.

But since you have an ESP8266, you could also transfer the data encrypted to a cloud server which manages/holds the data for you.

But with the hardware you have, it's going to be difficult to lock or hide the data in the EEPROM.

Regards, Dario

dda