4

I have an ESP-01. It's the most basic of the ESP8266 boards that I've found. Mine turns on, sends a post to a server, turns off. I have it TLS'd with the server's cert. But something bugs me.

How easy is it for someone to steal the chip, decompile the flash, get the wifi password, clone a new ESP to do bad things? How do I prevent this?

I came across this site http://developers-club.com/posts/255153/ that talks about de-compiling the flash and turning the assembly back into C code. It's way over my head and it links to some other Russian site for more details. But it scared me enough to post the question here.

Mithun Kalan
  • The question is too broad. This **is** possible and for a skilled person it is not very hard to do. But no one will give you any metrics on how secure you are. – arrowd Oct 30 '18 at 08:53

1 Answer

4

The ESP8266 doesn't have onboard flash - all of the user code is stored in an SPI flash (that's the big SO-8 chip next to the ESP8266). To retrieve user code, just the flash needs to be de-soldered, put in a socket, and any off the shelf flash programmer (like the FlashCAT) can be used to dump the contents.

If your concern is about just being able to acquire the SSID and password, it's much easier. wifi_station_set_config saves the SSID and password to flash. See memory layout.

If you're really paranoid about security, use a secure element. They're pretty cheap, and orders of magnitude more difficult to penetrate.

The ATECC508A is a pretty easy-to-source and reasonably easy-to-use secure element (key storage is usually OTP). If you want more storage and flexibility, you could go for Trusted Objects TO-136. AFAIK, you can only source them through Avnet.

Asti
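A defender-side check for the exposure this answer describes, added here as an example and not part of the answer: given the SSID and password you configured yourself, it reports where they sit in plaintext in a dump of your own device's flash, recognising the station_config layout (uint8 ssid[32] followed by uint8 password[64]) that wifi_station_set_config persists. The flash image is a constructed sample, and no assumption is made about where the SDK's parameter area lies in a real dump.

```python
# Added audit example (not from the answer): find your own Wi-Fi credentials in an ESP8266
# SPI-flash dump. Field sizes follow the NONOS SDK's station_config struct:
# uint8 ssid[32], uint8 password[64], uint8 bssid_set, uint8 bssid[6].
SSID_LEN, PASS_LEN = 32, 64

def _field(value: str, size: int) -> bytes:
    """Encode a string as the SDK stores it: UTF-8, NUL-padded to the fixed field size."""
    raw = value.encode("utf-8")
    if len(raw) > size:
        raise ValueError(f"{value!r} does not fit a {size}-byte field")
    return raw.ljust(size, b"\x00")

def audit_dump(image: bytes, ssid: str, password: str) -> list:
    """Return sorted (offset, kind) pairs for each plaintext copy of the credentials.
    kind is 'station_config' when a NUL-padded SSID field is directly followed by the
    padded password field (what wifi_station_set_config persists); 'ssid' / 'password'
    mark stray NUL-terminated copies, e.g. string literals in user code."""
    ssid_field, pass_field = _field(ssid, SSID_LEN), _field(password, PASS_LEN)
    ssid_cstr, pass_cstr = ssid.encode("utf-8") + b"\x00", password.encode("utf-8") + b"\x00"
    findings = []
    pos = image.find(ssid_cstr)
    while pos != -1:
        is_struct = (image[pos:pos + SSID_LEN] == ssid_field
                     and image[pos + SSID_LEN:pos + SSID_LEN + PASS_LEN] == pass_field)
        findings.append((pos, "station_config" if is_struct else "ssid"))
        pos = image.find(ssid_cstr, pos + 1)
    covered = {o + SSID_LEN for o, k in findings if k == "station_config"}
    pos = image.find(pass_cstr)
    while pos != -1:
        if pos not in covered:          # skip the password field of an already-reported struct
            findings.append((pos, "password"))
        pos = image.find(pass_cstr, pos + 1)
    return sorted(findings)

def make_sample_dump() -> bytes:
    """Constructed 4 KiB stand-in for a flash dump: erased 0xFF bytes, a string literal
    from user code at 0x100 and a persisted station_config at 0x800."""
    img = bytearray(b"\xff" * 4096)
    literal = b"Connecting to HomeNet\x00 please wait\x00"
    img[0x100:0x100 + len(literal)] = literal
    cfg = _field("HomeNet", SSID_LEN) + _field("correct horse battery", PASS_LEN)
    img[0x800:0x800 + len(cfg) + 7] = cfg + b"\x00" * 7   # bssid_set = 0, bssid unused
    return bytes(img)

if __name__ == "__main__":
    for offset, kind in audit_dump(make_sample_dump(), "HomeNet", "correct horse battery"):
        print(f"0x{offset:06x}: {kind}")
```

Run it against a dump of your own module before and after changing how credentials are handled; an empty result is what you want to see.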