Secure Boot and other Security Options Missing (GIT8266O-382)

espressif / ESP8266_RTOS_SDK

Latest ESP8266 SDK based on FreeRTOS, esp-idf style.

http://bbs.espressif.com

Apache License 2.0

3.31k stars 1.56k forks source link

Secure Boot and other Security Options Missing (GIT8266O-382) #812

Open Gungeoneer opened 4 years ago

Gungeoneer commented 4 years ago

Using the latest version of the SDK, I wanted to ask why Secure Boot and other Security Options are missing when the target platform is selected as ESP8266? Is there a way to manually perform these operations? Or do I have to enable something in make menuconfig to be able to see these options?

nuclearcat commented 4 years ago

AFAIK there is no secure boot and options on ESP8266 hardware. It is available only on ESP32.

Gungeoneer commented 4 years ago

Thanks for the reply. So, is there any way to add security to the bootloader?

nuclearcat commented 4 years ago

Secure boot need support in hardware. You can add security by obscurity, some kind of encryptor to OTA, but still it is possible (and even trivial) to download firmware and reverse engineer it. ESP32 is much more secure for this matters, because it keeps decryption key in specially designated (and not readable) chunk of memory.