Is Arduino eeprom save?

j3sus · September 27, 2017, 7:45pm

If I store the WiFi Password in the eeprom and someone takes the device, is the password save or readable from others?

If I code the password, e.g. with a PIN, is the compiled code readable?

Thx,
Mike

anon57585045 · September 27, 2017, 8:35pm

You can encrypt the password.

j3sus · September 28, 2017, 6:55pm

Is it possible to read the sketch out of the arduino? Or can I place a secure key in the sketch to secure the eeprom content.

anon57585045 · September 28, 2017, 7:09pm

j3sus:
Is it possible to read the sketch out of the arduino? Or can I place a secure key in the sketch to secure the eeprom content.

It is possible to read the flash contents unless you set some lock bits to secure it. But it is machine code, not C source. It would be an extremely difficult job, someone would have to want to break into your wifi network very badly.
.
But if you hard code the decryption password into the sketch, it defeats your purpose (I assume) of having it in EEPROM, which is that it can be changed.

Even flash memory can be cracked with special electron microscopy techniques. So your first job should be to decide how important your secret is, so you can decide how difficult you will have to make the job of cracking it.

Note that a wifi password that is not periodically changed is unsafe anyway.

Encrypting the password and placing it in EEPROM will allow you to change it at will and prevent anyone without a full understanding of the flash code, from using it. That's because the key will be stored in flash.

j3sus · September 28, 2017, 7:50pm

Thx, I had the same idea.

Using a simple byte array to XOR the password and store it in the eeprom. This will allow me to set and read the 'secret' and it will be enough complicated to avoid breaking in. Even from a technically skilled person.

If flash memory is not readable with a simple device from ebay then it will be secure enough.

anon57585045 · September 28, 2017, 7:52pm

j3sus:
Using a simple byte array to XOR the password and store it in the eeprom. This will allow me to set and read the 'secret' and it will be enough complicated to avoid breaking in. Even from a technically skilled person.

Muhahaha...

anon57585045 · September 28, 2017, 7:58pm

j3sus:
If flash memory is not readable with a simple device from ebay then it will be secure enough.

You don't need a device to read flash. Just the right software.

Topic		Replies	Views
Privacy question Programming	7	501	May 5, 2021
ESP32 secure wifi credentials UNO WiFi Rev2	9	6717	December 6, 2021
How and where do I use an encryption library? General Guidance	27	12236	May 5, 2021
Problem writing/reading string in EEPROM Jobs and Paid Consultancy	7	1476	May 6, 2021
ESP8266 writing to EEPROM, some data stored other data not so much Storage	13	4364	May 6, 2021

Is Arduino eeprom save?

Related topics