We introduce the course, its structure and the basics of ESP32 Flash Encryption. We go into the details about the key aspects of security on these microcontrollers to get you up to speed in securing your ESP32 projects. 

M1E1 - Introduction

Module 1 - Introduction

Building a base project to demonstrate security features, using FAT (File Allocation Table) as well as NVS (Non-Volatile Storage).

M2E1 - Building an Application with FAT Storage

M2E2 - Adding NVS

Module 2 - Building an Application

This module covers how people can steal your secrets if you don't encrypt your Flash. We get an overview of securing an application and looking at eFuses (electronic fuses) and the process to encrypt the binary code running on the ESP32.  
We then show you how to encrypt storage such as NVS and FAT.

M3E1 - Stealing Secrets

M3E2 - Architecture Overview

M3E3 - Examining eFuses

M3E4 - Encryption Status

M3E5 - Encryption in Menu Config

M3E6 - Increasing the Bootloader Size

M3E7 - Encryption Process

M3E8 - Flashing with Encryption

M3E9 - FAT Encryption

M3E10 - NVS Encryption Part 1

M3E11 - NVS Encryption Part 2

Module 3 - Encrypting Flash

How to secure an Over the Air update (OTA) using an Amazon Web Services S3 bucket. 

M4E1 - Creating an S3 Bucket

M4E2 - OTA connecting to Wi-Fi

M4E3 - OTA HTTP Client

M4E4 - Performing an OTA

Module 4 - Over The Air Updates

Secure Boot stops others from running rogue applications on your device. In this module you will learn how to create and use a Secure Boot process. 

M5E1 - Intro to Secure Boot

M5E2 - Explanation of Secure Boot

M5E3 - Building with Secure Boot

M5E4 - Flashing with Secure Boot

M5 - Secure Boot

This version of Secure Boot has a more advanced mechanism for securing your code and device. We go over what you need to know to use it effectively. 

M6E1 - Secure Boot V2 Features

M6E2 - Theory of Secure Boot V2

M6E3 - Configuring Secure Boot V2

M6E4 - Bootloader Multiple Keys

M6E5 - Flashing with Secure Boot V2

M6E6 - Remote Sign In and OTA Updates

Module 6 - Secure Boot V2

Flash encryption on an ESP32 is used to protect the contents of the device's flash memory from unauthorized access, meaning that even if someone physically removes the flash chip, they cannot easily read the sensitive data stored on it, significantly enhancing the security of the device, especially when storing sensitive information like API keys or user credentials.Secure Boot is a separate feature which can be used together with flash encryption to create an even more secure environment.This is an advanced course for students who are already familiar with the ESP32 microcontroller.<h3 id="01ccb68c-ff1c-436c-87db-dc81e40645bf" data-toc-id="01ccb68c-ff1c-436c-87db-dc81e40645bf">This course is for you if:</h3><ul><li>You already have some knowledge of the ESP-IDF</li><li>You care about your company’s and your clients’ security. </li><li>You are curious and want to know the security features available for the ESP32.</li><li>You have been wanting to secure your chips but ran into trouble or couldn’t quite understand how it worked. </li></ul><h3 id="7bb6466f-9293-47a3-aa80-157369ec2afe" data-toc-id="7bb6466f-9293-47a3-aa80-157369ec2afe">This course is not for you if:’</h3><ul><li>You are not familiar with, or are just starting with the ESP-IDF.</li><li>You are not familiar with coding in C.</li></ul>

This course is designed for those who care about security and will get you up to speed in safeguarding your ESP32 projects. 

We go into the details on the key aspects and walk you through, line by line, each mode of securing your project. 

LearnFlash Encryption

Mair SWARTZ

Language

Level

Duration

What you will learn

Upon completion, you will confidently be able to secure your applications.

You will learn to encrypt flash memory and NVS.

You will have an excellent grasp of both Secure Boot and Secure Boot V2.

You will know how to use an AWS S3 bucket to perform secure, Over-The-Air updates.

Course content

Course Description

This Course Includes