Espressif Security Advisory Concerning Fault Injection and Secure Boot (CVE-2019-15894)

Posted: Mon Sep 02, 2019 12:20 pm
by rudi ;-)
hi folks


An attacker who uses fault injection to physically disrupt the ESP32 CPU can bypass the Secure Boot digest verification at startup and boot unverified code from flash. To protect devices with Flash Encryption and Secure Boot enabled against this attack, a firmware change must be made to permanently enable Flash Encryption in the field.


What is fault injection?

Fault injection is a technique for disrupting the behaviour of a hardware system by injecting faults via physical means, often by carefully timed voltage or clock fluctuations. To deploy fault injection an attacker must have physical access to the hardware to modify it and inject faults.

Following a fault, the system will usually crash. However, sometimes a carefully timed fault may cause the CPU to skip a particular instruction or corrupt the result of a particular calculation. By repeating the fault injection process a large number of times, an attacker may eventually get a result which bypasses a security measure.

All electronic hardware is vulnerable to some types of physical fault injection, although the difficulty of inducing the fault varies.


Recommendations for ESP32 Users


All existing users of Secure Boot and Flash Encryption on the ESP32 should upgrade ESP-IDF to versions 3.0.9, 3.1.6, 3.2.3, 3.3.1 as soon as these versions are available. These versions, and ESP-IDF v4.0 and newer, will contain a patch to permanently enable Flash Encryption when Secure Boot is used, preventing it from ever being temporarily disabled.

The updated app can be delivered to devices in the field via OTA and does not require any update of the ESP-IDF bootloader.


Users who do not wish to wait for the new ESP-IDF release can patch ESP-IDF V3.2.x apps to call the following API as part of startup in the app_main() function or similar:


```c
#include <esp_flash_encrypt.h>

void app_main() {
    // If Flash Encryption is already enabled, write-protect the FLASH_CRYPT_CNT
    // eFuse so that encryption can never be switched off again in the field.
    if (esp_flash_encryption_enabled()) {
        esp_flash_write_protect_crypt_cnt();
    }
    // continue normal startup
}
```
ESP-IDF versions prior to v3.2 can either update ESP-IDF, or copy the esp_flash_write_protect_crypt_cnt() function from newer ESP-IDF into the firmware app and then call it as shown above. Please contact Espressif if you require technical assistance with this process.
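As an added illustration (not Espressif's code and not the ESP-IDF API), the host-side C model below shows why write-protecting FLASH_CRYPT_CNT makes the mitigation stick: on the ESP32, flash encryption is active when that eFuse field has an odd number of bits set, so burning one more bit toggles encryption off, while burning the field's write-disable bit makes further burns impossible. The struct layout, bit width and all `model_*` names are this example's own assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of the ESP32 eFuse bits this advisory is about; not the real
 * register layout. eFuse bits can only ever go from 0 to 1. */
typedef struct {
    uint8_t flash_crypt_cnt;  /* FLASH_CRYPT_CNT field */
    uint32_t wr_dis;          /* write-disable bits; bit 2 covers FLASH_CRYPT_CNT */
} efuse_model_t;

#define WR_DIS_FLASH_CRYPT_CNT (1u << 2)  /* assumed to mirror EFUSE_WR_DIS_FLASH_CRYPT_CNT */
#define FLASH_CRYPT_CNT_BITS 7            /* assumption: usable width of the field */

/* Flash encryption is on when an odd number of FLASH_CRYPT_CNT bits are burned. */
bool model_flash_encryption_enabled(const efuse_model_t *e) {
    return __builtin_parity(e->flash_crypt_cnt) == 1;
}

/* Models esp_flash_write_protect_crypt_cnt(): burn the write-disable bit. */
void model_write_protect_crypt_cnt(efuse_model_t *e) {
    e->wr_dis |= WR_DIS_FLASH_CRYPT_CNT;
}

/* Burn the next clear bit of FLASH_CRYPT_CNT, which is how encryption gets toggled
 * off. Returns 0 on success, -1 if the field is write-protected or exhausted. */
int model_burn_crypt_cnt_bit(efuse_model_t *e) {
    if (e->wr_dis & WR_DIS_FLASH_CRYPT_CNT) return -1;  /* write is ignored */
    for (int i = 0; i < FLASH_CRYPT_CNT_BITS; i++) {
        if (!(e->flash_crypt_cnt & (1u << i))) {
            e->flash_crypt_cnt |= (1u << i);
            return 0;
        }
    }
    return -1;  /* every bit already burned */
}

/* The advisory's startup step: if encryption is on, make that state permanent.
 * Returns true when FLASH_CRYPT_CNT ends up write-protected. */
bool model_startup_hardening(efuse_model_t *e) {
    if (model_flash_encryption_enabled(e)) model_write_protect_crypt_cnt(e);
    return (e->wr_dis & WR_DIS_FLASH_CRYPT_CNT) != 0;
}

int main(void) {
    efuse_model_t dev = { .flash_crypt_cnt = 0x01, .wr_dis = 0 };  /* constructed: encryption on */
    bool hardened = model_startup_hardening(&dev);
    int rc = model_burn_crypt_cnt_bit(&dev);  /* toggle attempt after hardening */
    printf("hardened=%d toggle_rc=%d encrypted=%d\n", hardened, rc, model_flash_encryption_enabled(&dev));
    return 0;
}
```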



more info, please have a note:

best wishes
rudi ;-)