Talk

Breaking the Random: Exploiting ESP32’s RNG Vulnerabilities in Offline Applications

March 14, 11:30 (CLOUD)

The ESP32 microcontroller, a cornerstone in countless IoT devices and embedded systems, harbors a ticking time bomb within its hardware Random Number Generator (RNG). When operating without Wi-Fi or Bluetooth connectivity, the ESP32’s RNG fails to produce true randomness, leading to dangerously predictable cryptographic operations. This talk rips the veil off this critical vulnerability, diving deep into the technical underpinnings and demonstrating how attackers can exploit these weaknesses to recover cryptographic keys, predict security tokens, and compromise secure boot processes.

By dissecting popular open-source projects like ESPHome, Tasmota, and MicroPython, we expose how widespread this issue is and how it can be weaponized in real-world scenarios. Live demonstrations will showcase the ease with which secure systems can be breached, emphasizing the urgent need for awareness and remediation. Attendees will walk away equipped with the knowledge to assess their own systems for these vulnerabilities and implement actionable strategies to safeguard against such attacks.

Speakers

Solmaz Salimi

Solmaz Salimi is a postdoctoral researcher in the Software and System Security (S3) Group at EURECOM. She earned her PhD from Sharif University of Technology.

Her research focuses on applying static and dynamic program analysis techniques to enhance the security of complex software systems. She has a specific interest in securing inter-layer communications and optimizing interactions with hardware interfaces and firmware layers across diverse architectures.

Samad Alaamati

I'm a seasoned cybersecurity researcher and embedded systems specialist with over 5 years of experience in the field. Passionate about uncovering hidden vulnerabilities, I have a track record of identifying critical flaws in widely deployed microcontroller platforms. I have previously presented at international security conferences, sharing insights on hardware hacking, cryptographic weaknesses, and IoT security challenges. Committed to advancing the security of embedded devices, I actively contribute to open-source projects and collaborate with the developer community to promote best practices. Also, I'm the founder of ASIS CTF and CryptoCTF too!
