
AES/CBC Constant IV Vulnerability in ESPTouch v2

Moderate
mahavirj published GHSA-wm57-466g-mhrr Dec 11, 2024

Package

ESPTouch v2 (ESP-IDF)

Affected versions

v5.3.1
v5.2.3
v5.1.5
v5.0.7

Patched versions

v5.3.2
v5.2.4 (yet-to-release)
v5.1.6 (yet-to-release)
v5.0.8 (yet-to-release)

Description

Software component

ESP Wi-Fi Component:

ESPTouch Phone Apps Source:

Impact

In the ESPTouch v2 protocol there is an option to use a custom AES key, but no option to set the IV (Initialization Vector). The IV is hard-coded to all zeros and remains constant for the lifetime of the product.
In AES/CBC mode, a fixed IV reused under the same key makes encryption deterministic: the same plaintext always produces the same ciphertext, and two messages that share a leading run of whole 16-byte blocks produce ciphertexts that share those leading blocks. An observer of the provisioning traffic can therefore recognise repeated or partially identical provisioning data (such as the same Wi-Fi credentials being provisioned again) without knowing the key, leading to potential data leakage.

Patches

To address this issue, the application generates a random IV when activating the AES key and transmits it along with the provisioning data to the provisioning device.

The provisioning device has also been equipped with a parser for the AES IV.
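As an added illustration (not code from ESP-IDF or the ESPTouch apps, whose firmware side is C on mbedTLS), the following Go program uses the standard library's AES-CBC to model both the affected behaviour in the Impact section and the patched behaviour described above: encryptFixedIV reuses an all-zero IV, encryptRandomIV draws a fresh IV per encryption and sends it in front of the ciphertext, and decryptWithPrefixedIV is the receiver-side IV parser. The demo key, the two provisioning payloads and the IV-prefixed wire layout are constructed assumptions; the advisory does not specify the real message format.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// pkcs7Pad pads msg to whole AES blocks; CBC only processes full blocks.
func pkcs7Pad(msg []byte) []byte {
	n := aes.BlockSize - len(msg)%aes.BlockSize
	return append(append([]byte{}, msg...), bytes.Repeat([]byte{byte(n)}, n)...)
}

// cbcEncrypt is AES-CBC with a caller-supplied IV; reusing iv under one key is the bug here.
func cbcEncrypt(key, iv, msg []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	padded := pkcs7Pad(msg)
	out := make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, padded)
	return out, nil
}

func cbcDecrypt(key, iv, ct []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if len(ct) == 0 || len(ct)%aes.BlockSize != 0 {
		return nil, errors.New("ciphertext is not block aligned")
	}
	out := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(out, ct)
	// Strip PKCS#7 padding, rejecting inconsistent padding bytes.
	n := int(out[len(out)-1])
	if n == 0 || n > aes.BlockSize || !bytes.Equal(out[len(out)-n:], bytes.Repeat([]byte{byte(n)}, n)) {
		return nil, errors.New("bad padding")
	}
	return out[:len(out)-n], nil
}

// encryptFixedIV models the affected behaviour: an all-zero IV for every message, forever.
func encryptFixedIV(key, msg []byte) ([]byte, error) {
	return cbcEncrypt(key, make([]byte, aes.BlockSize), msg)
}

// encryptRandomIV models the fix: a fresh random IV per encryption, prepended to the
// ciphertext so the receiver can parse it out (this wire layout is an assumption).
func encryptRandomIV(key, msg []byte) ([]byte, error) {
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	ct, err := cbcEncrypt(key, iv, msg)
	if err != nil {
		return nil, err
	}
	return append(iv, ct...), nil
}

// decryptWithPrefixedIV is the receiving side of encryptRandomIV: parse the IV, then decrypt.
func decryptWithPrefixedIV(key, payload []byte) ([]byte, error) {
	if len(payload) < 2*aes.BlockSize {
		return nil, errors.New("payload too short for an IV plus one block")
	}
	return cbcDecrypt(key, payload[:aes.BlockSize], payload[aes.BlockSize:])
}

// commonPrefixBlocks counts the leading 16-byte blocks two ciphertexts share; under a
// fixed IV that equals the number of leading plaintext blocks that match.
func commonPrefixBlocks(a, b []byte) int {
	n := 0
	for i := 0; i+aes.BlockSize <= len(a) && i+aes.BlockSize <= len(b); i += aes.BlockSize {
		if !bytes.Equal(a[i:i+aes.BlockSize], b[i:i+aes.BlockSize]) {
			break
		}
		n++
	}
	return n
}

func main() {
	// Constructed inputs: a demo AES-128 key and two payloads sharing their first 16 bytes.
	key := []byte("0123456789abcdef")
	msgA, msgB := []byte("ssid=HomeNet-2G;pass=hunter2!!"), []byte("ssid=HomeNet-2G;pass=Tr0ub4dor&3")
	fa, _ := encryptFixedIV(key, msgA)
	fb, _ := encryptFixedIV(key, msgB)
	ra, _ := encryptRandomIV(key, msgA)
	rb, _ := encryptRandomIV(key, msgA) // same plaintext encrypted twice
	pt, err := decryptWithPrefixedIV(key, ra)
	fmt.Println("fixed IV, shared leading blocks:", commonPrefixBlocks(fa, fb)) // 1: the SSID block leaks
	fmt.Println("random IV, shared leading blocks:", commonPrefixBlocks(ra, rb)) // 0
	fmt.Println("round trip ok:", err == nil && bytes.Equal(pt, msgA)) // true
}
```

With the zero IV, the two payloads' identical first block ("ssid=HomeNet-2G;") encrypts to the identical first ciphertext block, so an observer learns that both provisioning attempts target the same network; once the second plaintext block differs, CBC chaining makes every later block differ too, which is why exactly one block matches. With a per-message random IV the same plaintext yields unrelated ciphertexts on every send, and the receiver still decrypts because the IV travels in clear ahead of the data (an IV needs to be unpredictable, not secret).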

Patched versions of ESP-IDF Framework are listed below:

Branch Commit
master <8fb28dc>
release/v5.3 <fd224e8>
release/v5.2 <d47ed7d>
release/v5.1 <4f85a27>
release/v5.0 <de69895>

Workarounds

The upgrade is applicable for all applications and users of the ESPTouch v2 component from ESP-IDF. Because the AES/CBC handling is implemented in the ESP Wi-Fi stack, there is no application-level workaround: the underlying firmware must be upgraded.

Severity

Moderate

CVE ID

CVE-2024-53845
