Fatal Fury on ESP32: Time to Release Hardware Exploits

Presented at Black Hat Europe 2019, Dec. 5, 2019, 2:15 p.m. (50 minutes).

Released on January 1st 2016, the ESP32, the System-on-Chip (SoC) from Espressif Systems, becomes quickly popular among the IoT industry and electronic hobbyists, due to its wireless connectivity, a low-power consumption and a free development framework supporting plenty of functions. Espressif is supporting a 12-years-longevity commitment for ESP32, and has already achieved the 100 Millions Target of IoT chip Shipments in January 2019 [1]. This SoC, based on Xtensa LX6 dual-core, contains built-in security features such as: - Crypto-Hardware accelerator. The HW crypto accelerators are nowadays used to speed up cryptographic primitives like AES, SHA and even RSA, which will be used by crypto library like ARM MbedTLS [2]. - Secure Boot. The Secure boot is the guardian of the firmware authenticity and integrity stored into the Flash memory. - Flash encryption. The Flash encryption is used to protect the firmware confidentiality, for example to avoid the loss of IP or to a readout of persistent and sensitive data like Wi-FI credentials in IoT devices [3]. - One Time Programmable (OTP) memory. The OTP memory, based on eFuses, is considered as a Root-of-Trust to store the security configuration and the secret AES-256 keys, dedicated to secure boot process and Flash encryption. This memory is R/W protected (obviously). This talk presents, in a methodical way, how to defeat one by one the previously listed security features, having physical access to the device and using low-cost hardware techniques such as voltage glitching, analog side-channels, micro-soldering and reverse (of course). To the best of my knowledge, Built-in ESP32 security features such as Secure boot and Flash Encryption were never broken until now. Defeating these protections on a popular platform such as ESP32 should be considered as a serious threat by all the developers using the ESP32 as a main CPU platform or even as a WIFI/bluetooth peripheral, in their final products. Some discovered vulnerabilities cannot be patched without silicon redesign, leading to a lot of vulnerable devices on the field for the coming years. [1] - https://www.espressif.com/en/products/hardware [2] - https://os.mbed.com/docs/mbed-os/v5.10/porting/hardware-accelerated-crypto.html [3] - https://limitedresults.com/2019/01/pwn-the-lifx-mini-white/

Presenters:

• Limited Results - Independent Security Researcher,  
  Hardware hacker. Limited by the time, the $$$, my skills. But, only the Results matter. No affiliation. Rage mode activated. www.limitedresults.com

Links:

• https://www.blackhat.com/eu-19/briefings/schedule/#fatal-fury-on-esp32-time-to-release-hardware-exploits-17336
• https://www.youtube.com/watch?v=vwwTC_ivG00

Similar Presentations:

• HushCon Seattle 2019 / Attacking ESP32 Based Products
• May Contain Hackers (MCH2022) / Building public, dynamic webapps using Micropython on the ESP32
• Black Hat USA 2022 / Unlimited Results: Breaking Firmware Encryption of ESP32-V3