bshambaugh / BlinkyProject


Store asymmetric key pair in memory on the ESP32 board instead of external cryptographic co-processor #9

Open bshambaugh opened 1 year ago

bshambaugh commented 1 year ago

There is a thing called NVS Encryption that might work:

https://docs.espressif.com/projects/esp-idf/en/release-v3.2/security/flash-encryption.html

https://docs.espressif.com/projects/esp-idf/en/release-v3.2/api-reference/storage/nvs_flash.html#nvs-encryption

bshambaugh commented 1 year ago

See earlier comment from README.

Elliptic curves can be generated on an ESP32 without the use of a cryptographic co-processor. See libraries Elliptic-Curve-on-ESP32 and micro-ecc. Perhaps there will be issues with securing and preserving the private keys?

bshambaugh commented 1 year ago

Use Flash Encryption: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/security/flash-encryption.html

ESP32 Permanently store information with NVS https://www.youtube.com/watch?v=2x4S8ceaYEY

ESP32 Flash Memory - Store Permanent Data (Write and Read) https://www.youtube.com/watch?v=MxL1PqS2JR0

1 - Save INT32 value permanently in FreeRTOS ESP IDF to ESP32 flash memory using NVS library [most relevant?? to the docs?] https://www.youtube.com/watch?v=1xTU1p7R7gw

More information can be found here. This appears to be only a feature for ESP32, and not ESP8266: https://web.archive.org/web/20170421045923/https://mongoose-os.com/docs/#/security/esp32_flash.md/

Tutorial #12: ESP32 flash encryption https://www.youtube.com/watch?v=16jF0HUyedg

https://github.com/PBearson/ESP32_Flash_Encryption_Tutorial

But cryptography on ESP8266 is hard (no secure boot or flash encryption): https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/wifi.html

https://hackaday.com/2017/06/20/practical-iot-cryptography-on-the-espressif-esp8266/

Better to work on ways of not storing secret stuff on the ESP8266:

https://github.com/kakopappa/arduino-esp8266-aes-encryption-with-nodejs

https://primalcortex.wordpress.com/2020/05/05/esp8266nodejs-ecdh/

But what about the cool unique ID you had with the ATECC508A? Maybe follow the suggestions from Harrison, and use some other unique ID, like the MAC address of the ESP8266? https://randomnerdtutorials.com/get-change-esp32-esp8266-mac-address-arduino/