“I wanted to close my investigation by targeting the two major security features:
Secure Boot
Flash Encryption
My final goal is to achieve a PERSISTENT exploit, bypassing the Secure Boot and the Flash Encryption.
In this report, I disclose a full readout of protected E-Fuses storing two secret keys, one used for Flash Encryption (BLK1) and the other for the Secure Boot (BLK2).
This attack cannot be patched by the vendor on existing devices. It’s a FOREVER pwn.
Espressif and I decided to go to Responsible Disclosure for this vulnerability (CVE-2019-17391).
The OTP eFuses
One-Time Programmable (OTP) memory is a type of non-volatile memory (NVM) that permits data to be written to memory only once.
Once programmed, or blown, the contents cannot be changed and the contents are retained after power is removed.
Inside ESP32, the OTP is based on eFuses technology (electronic Fuses), in order to store system parameters, security configuration and sensitive data.
Fundamentally, an eFuse is a single bit of non-volatile memory with the restriction that once an eFuse bit is programmed to 1, it can never be reverted to 0.
Software can instruct the eFuse Controller to program each bit for each system parameter as needed.
Some of these system parameters can be read by software using the eFuse Controller or directly used by hardware modules. Some eFuses blocks are R/W access protection. “