Pwn the ESP32 Forever: Flash Encryption and Sec. Boot Keys Extraction – LimitedResults

I wanted to close my investigation by targeting the two major security features:

- Secure Boot
- Flash Encryption

My final goal is to achieve a PERSISTENT exploit, bypassing the Secure Boot and the Flash Encryption.

In this report, I disclose a full readout of protected eFuses storing two secret keys, one used for Flash Encryption (BLK1) and the other for the Secure Boot (BLK2). This attack cannot be patched by the vendor on existing devices. It’s a FOREVER pwn.

Espressif and I decided to go to Responsible Disclosure for this vulnerability (CVE-2019-17391).

The OTP eFuses

One-Time Programmable (OTP) memory is a type of non-volatile memory (NVM) that permits data to be written to memory only once. Once programmed, or blown, the contents cannot be changed, and the contents are retained after power is removed.

Inside the ESP32, the OTP is based on eFuse technology (electronic fuses) and is used to store system parameters, security configuration and sensitive data. Fundamentally, an eFuse is a single bit of…

limitedresults.com