I have a question about password security with the ESP8266.

(Paul Gross) #1

I have a question about password security with the ESP8266.

Because all Internet routers should be using a password, is there a standard way to digest/hash the router password in the memory of the ESP8266?

I am hoping for a solution that can handle these issues:

  1. If the router password is changed for any reason, I don’t want to have to reload a sketch into the ESP8266 where with the router password is a clear-text variable.

  2. If the ESP8266 device is ever lost or stolen, the memory should only contain the digested/hashed router password, NOT the password in clear-text.

At the moment, I can imagine some sort of solution where the password is transferred into the device memory using a separate step to the program code, but I will admit that’s pretty vague!

Ideally, the transfer of the password could happen while the device is in the field, using a connector cable for that purpose.

I have Googled for solutions to this problem, but I have come up with nothing so-far.

Has anyone seen a secure implementation of password storage in the ESP8266, or does anyone have any ideas how this can be achieved?

Thanks in advance.


(Mike Barela) #2

Good question

(Paul Gross) #3

It seems that I have been using the wrong terminology.

I don’t want to hash or digest the password, I want to encrypt it.

An encrypted password can be decrypted, but hashed or digested passwords cannot ever be reversed to recover the plain text password.

Here is what I have been thinking so-far:

  1. Add a random key constant to the code.

  2. After power-up, get the user to enter the WIFI password (exactly how I am not sure - I will solve this later).

  3. Encrypt the password + key constant and store the result on EEPROM (But does the ESP8266 even have an EEPROM?)

  4. Each time the ESP8266 powers up, read the EEPROM and decrypt the password using the key constant, and log into the WIFI router.

Notes and issues:

The contents of the EEPROM, if one even exists on the ESP8266, are useless without the program’s secret key.

The program’s source code, while stored on someone’s computer, has the secret key and so must be kept secret as well.

There may be a security-bit on the ESP8266 that prevents the stored program from being read-back by a malicious agent. In the absence of this security bit in the ESP8266, this whole topic is pointless - there is no way to keep the WIFI password secure in an ESP8266.

The Ardunio family supposedly has a security-bit for the purpose of keeping the program code secure, so perhaps the ESP8266 also has one?