Encryption and Decryption of Single-Chip Microcontrollers (MCUs)

This guide covers hardware and software methods for encrypting and decrypting firmware in [microcontrollers](https://www.ampheo.com/c/microcontrollers) ([STM32](https://www.ampheo.com/search/STM32), [PIC](https://www.ampheo.com/search/PIC), [AVR](https://www.ampheo.com/search/AVR), ESP32, etc.), including security best practices and attack mitigation. ![IC-Unlock](https://hackmd.io/_uploads/rkK0v23kex.png) **1. Why Encrypt MCU Firmware?** ![企业微信截图_20250428155727](https://hackmd.io/_uploads/HyBxBhnJll.png) **2. Hardware-Based Encryption** **A. Built-in MCU Security Features** ![企业微信截图_20250428155819](https://hackmd.io/_uploads/SJD7B3nyxx.png) STM32 Read Protection (RDP) * Level 0: No protection (default) * Level 1: Flash read disabled (JTAG/SWD locked) * Level 2: Irreversible bricking if tampered How to enable: ``` c // In STM32CubeIDE (or via ST-Link CLI) HAL_FLASH_OB_Unlock(); FLASH_OBProgramInitTypeDef OB_Config; OB_Config.OptionType = OPTIONBYTE_RDP; OB_Config.RDPLevel = OB_RDP_LEVEL_1; HAL_FLASHEx_OBProgram(&OB_Config); HAL_FLASH_OB_Lock(); ``` **B. External Secure Elements** ![企业微信截图_20250428155936](https://hackmd.io/_uploads/H1kKSn2kxg.png) Example: AES-128 Encryption with ATECC608A ``` c uint8_t plaintext[16] = "Hello MCU!"; uint8_t key[16] = {0x2B, 0x7E, 0x15, ... }; // AES-128 key uint8_t ciphertext[16]; ATECC608A_Encrypt(key, plaintext, ciphertext); // Uses I2C ``` **3. Software-Based Encryption** **A. Symmetric Encryption (AES)** Best for real-time decryption in resource-constrained MCUs. STM32 Hardware AES (CRYP peripheral) ``` c // STM32Cube HAL Example AES_HandleTypeDef haes; haes.Init.DataType = AES_DATATYPE_8B; haes.Init.KeySize = AES_KEYSIZE_128; HAL_CRYP_Init(&haes); uint8_t key[16] = "..."; // 128-bit key uint8_t plaintext[16] = "Encrypt this!"; uint8_t ciphertext[16]; HAL_CRYP_AESECB_Encrypt(&haes, plaintext, 16, ciphertext, HAL_MAX_DELAY); ``` **B. Asymmetric Encryption (RSA/ECC)** Used for secure boot and key exchange. * RSA-2048: Slow (~1 sec on Cortex-M4) * ECC P-256: Faster than RSA Example: ECDSA Signature Verification ``` c // Using MbedTLS on STM32 mbedtls_ecdsa_context ctx; mbedtls_ecdsa_init(&ctx); mbedtls_ecp_group_load(&ctx.grp, MBEDTLS_ECP_DP_SECP256R1); mbedtls_ecdsa_verify(&ctx.grp, hash, sig, &ctx.Q); ``` **4. Firmware Decryption Methods (Attack Vectors)** **A. Side-Channel Attacks** ![企业微信截图_20250428160138](https://hackmd.io/_uploads/SJelUhhkel.png) **B. Fault Injection** * Clock Glitching → Reset MCU during secure boot * Laser Fault Injection → Bypass password checks Mitigation: * Enable Tamper Protection (STM32 RDP Level 2) * Use Secure Bootloaders **C. JTAG/SWD Exploitation** * Disable Debug Ports (STM32 RDP=1) * Use Secure Firmware Updates (Signed DFU) **5. Secure Boot Implementation** **A. STM32 Secure Boot (TrustZone)** 1. Enable TrustZone in STM32CubeMX 2. Sign Firmware with ECDSA ``` bash openssl ecparam -genkey -name prime256v1 -noout -out priv.key openssl dgst -sha256 -sign priv.key firmware.bin > firmware.sig ``` 3. Verify Signature in Bootloader **B. ESP32 Secure Boot** ``` bash # Enable Secure Boot in ESP-IDF idf.py secure-boot enable idf.py flash ``` **6. Best Practices** 1. Never Store Keys in Flash → Use OTP (One-Time Programmable) memory 2. Use Randomized Nonces → Prevent replay attacks 3. Secure Firmware Updates → Encrypted + Signed OTA 4. Disable Unused Peripherals → Reduce attack surface **7. Tools for MCU Security Testing** ![企业微信截图_20250428160353](https://hackmd.io/_uploads/ry0YU2hklg.png) **Conclusion** ![企业微信截图_20250428160424](https://hackmd.io/_uploads/rJw5Unnkgl.png) Next Steps: * Try [STM32](https://www.ampheoelec.de/search/STM32) TrustZone for secure/non-secure partitions * Implement AES-256 + Secure Boot on ESP32 * Test your MCU with ChipWhisperer