Your 4-Digit PIN Is Fine: Device-Bound Keys on ESP32-S3
Why PBKDF2 iterations can't protect a 4-digit PIN on a microcontroller, and how an eFuse-HMAC device secret plus HKDF stops offline brute force.
#esp32
3 posts about this topic
A Vault File That Fails Closed: Encrypt-then-MAC on an MCU
How a hardware password manager authenticates every vault file before it decrypts: encrypt-then-MAC, verify-before-decrypt, and fail-closed reads.
What the Linker Won't Do: Packing i18n Strings on an MCU
A build-time generator packs firmware UI translations into one string pool indexed by uint16 offsets, halving the index table on a 32-bit MCU.