5.6 Encrypted Credential Storage

In ATWINC15x0 firmware v19.6.1 and above, the credentials such as passphrase of the AP or Enterprise certificate and other parameters like SSID, IP address, BSSID are encrypted using AES128-CBC before they are written into the serial Flash. This makes it difficult for an attacker to retrieve the sensitive information inspite of having physical access to the device. The encryption provided by this feature must not be considered secure. The encryption is only intended to prevent credentials being revealed in plain text by an opportunistic read of ATWINC15x0 Flash. Therefore, other security practices must be followed where possible, such as changing passwords regularly and deleting credentials when they are no longer required.

When requesting for a connection to a network, the application can specify how the connection credentials must be stored in ATWINC15x0 Flash. The options are as follows:
  • Do not store credentials
  • Store credentials unencrypted
  • Store credentials encrypted
The credentials consist of:
  • SSID
  • BSSID (if provided)
  • WEP key (for WEP connection)
  • Passphrase and PSK (for WPA/WPA2 PSK connection)
  • Domain, User name and Password (for WPA/WPA2 1x MSCHAPv2 connection)
  • Domain, User name, Certificate and Private Key (for WPA/WPA2 1x TLS connection)

The credentials are stored in ATWINC15x0 Flash when connection succeeds, and only one set of credentials is stored at a time; if new credentials need to be stored then the old credentials are removed (overwritten with 0’s).

If credentials are stored in ATWINC15x0 Flash, then the application can request subsequent connections without providing the credentials again, using m2m_wifi_default_connect.

If roaming is enabled, roaming can take place regardless of whether the credentials are stored in ATWINC15x0 Flash. (They are stored in data memory for the duration of a connection.) The application can delete credentials from ATWINC15x0 Flash using m2m_wifi_delete_sc.

Note: Version 19.6.1 firmware implements a new format for the ATWINC15x0 Flash store for connection parameters. The effects of this are:
  • During a firmware upgrade to v19.6.1, previously stored credentials are reformatted. After the first successful connection to an access point, these stored credentials are encrypted.
  • During a firmware upgrade to v19.6.1, previously stored IP address and Wi-Fi channel are deleted.
  • After a firmware downgrade from v19.6.1 to previous firmware, credentials stored by v19.6.1 firmware are not readable by the previous firmware. The operation of the previous firmware is otherwise unaffected.