Is it possible to encrypt/decrypt buffer in RAM using Efuse block1/block2 keys?

Posted: Thu Aug 16, 2018 9:16 am
by dmitryga
Hi everybody!

I'm using secure boot + flash encryption with custom keys burned in Efuse block1 and block2. So these keys are known to me and I can encrypt some portion of data and send it to ESP in some way (TCP/IP for example). Can I decrypt this data like system APIs using keys in Efuse?

Re: Is it possible to encrypt/decrypt buffer in RAM using Efuse block1/block2 keys?

Posted: Thu Aug 16, 2018 10:51 am
by WiFive
No, those keys are protected, so you may as well just store another key in encrypted flash and use that.

Re: Is it possible to encrypt/decrypt buffer in RAM using Efuse block1/block2 keys?

Posted: Thu Aug 16, 2018 12:48 pm
by dmitryga
But how can spi_flash_write_encrypted encrypt data with those keys? I don't want to read key bytes, I just want to ask the CPU to encrypt/decrypt something instead of flash with these keys (like the bootloader or other components do).

Re: Is it possible to encrypt/decrypt buffer in RAM using Efuse block1/block2 keys?

Posted: Thu Aug 16, 2018 12:53 pm
by ESP_igrr
In the case of encryption, ciphertext is passed straight to the SPI controller, bypassing the CPU.