Using protected efuse keys for AES? (But not encrypted flash)

benpeoples
Posts: 5
Joined: Wed May 31, 2017 4:21 pm

Using protected efuse keys for AES? (But not encrypted flash)

Postby benpeoples » Tue Aug 08, 2017 1:27 am

Big picture, I would like to store a 256-bit key in the efuse and have the AES hardware read it directly from there (that is: have the efuse read-and-write protected).

In my code now, we're just storing the key as a constant, so we initialize the AES context thus:

Code: Select all

esp_aes_setkey_enc( &context, &key, 256);
Is there a way to tell the AES hardware to use the hardware key for arbitrary encrypt/decrypt cycles?

WiFive
Posts: 2471
Joined: Tue Dec 01, 2015 7:35 am

Re: Using protected efuse keys for AES? (But not encrypted flash)

Postby WiFive » Tue Aug 08, 2017 12:06 pm

Good question.

You can program a user key to BLOCK3
key_status determines whether BLOCK3 is deployed for user purposes (Meaning what?)
You can software read protect BLOCK3
Hardware modules are directly hardwired to the ESP32 in order to use the system parameters. (Which modules?)

benpeoples
Posts: 5
Joined: Wed May 31, 2017 4:21 pm

Re: Using protected efuse keys for AES? (But not encrypted flash)

Postby benpeoples » Tue Aug 08, 2017 3:50 pm

It seems likely that the aes hardware can read the key from the efuse, since that's how it works for encrypted flash, but I think it's just a matter of getting that API exposed to the point it can be used more generally.

ESP_igrr
Posts: 1483
Joined: Tue Dec 01, 2015 8:37 am

Re: Using protected efuse keys for AES? (But not encrypted flash)

Postby ESP_igrr » Tue Aug 08, 2017 5:13 pm

AFAIK it is not possible to use flash encryption key to AES-encrypt arbitrary data.

The closest you can get is the approach used in Mongoose, where they derive the encryption key from flash encryption key by reading a block of flash filled with 0xff, and then use that key with the AES hardware:

https://github.com/cesanta/mongoose-os/ ... fs_crypt.c

benpeoples
Posts: 5
Joined: Wed May 31, 2017 4:21 pm

Re: Using protected efuse keys for AES? (But not encrypted flash)

Postby benpeoples » Tue Aug 08, 2017 10:16 pm

That's an interesting approach, actually!

I think we will stick with just storing the key in BLK3 (so it just lives on the device forever), and not treat it as a physical secret.

Thanks!

WiFive
Posts: 2471
Joined: Tue Dec 01, 2015 7:35 am

Re: Using protected efuse keys for AES? (But not encrypted flash)

Postby WiFive » Wed Aug 09, 2017 1:30 am

ESP_igrr wrote:AFAIK it is not possible to use flash encryption key to AES-encrypt arbitrary data.
What is key_status and read protect of BLOCK3 used for?

Koulwa
Posts: 19
Joined: Wed Feb 07, 2018 11:12 pm

Re: Using protected efuse keys for AES? (But not encrypted flash)

Postby Koulwa » Mon Jun 11, 2018 7:52 pm

From my understanding: Looks like they left it to be used for the public key for remote signing for secure boot:

http://esp-idf.readthedocs.io/en/latest ... -boot.html

also suspicious that its just the right size for a key.
Hive.Tech :: www.hive.technology
Pure Engineering :: www.pureengineering.com

Who is online

Users browsing this forum: Baidu [Spider] and 11 guests