An Experimental Study of Cryptography Capability using Chained Key Exchange Scheme for Embedded Devices
This work addresses security implementation challenges for embedded systems, but it is incremental as it builds on existing DHKE improvements and focuses on a specific hardware setup.
The study tackled the gap between theoretical cryptographic protocols and their practical implementation on embedded devices by proposing a Chained Key Exchange scheme integrated with TFTP in UBOOT firmware, using a modified GNU GMP Bignum library on ARM RaspberryPi to secure secret and symmetric key sharing for remote updates.
After 38 years of birthday Diffie-Hellman Key Exchange (DHKE), there are many proposed improvements in the DHKE protocol to encounter modern security issues. This protocol seems quite simple to be implemented, but it can be vulnerable to many types of attacks. In this work, we propose the Chained Key Exchange scheme as a case study to explore cryptographic computation capability of embedded microcontroller. We choose ARM RaspberryPi board as hardware platform for experimental setup. To enable RasberberryPi system on chip (SoC) to perform cryptographic computation, we modified the GNU GMP Bignum library to support a simple primitive cryptographic computation in the UBOOT firmware. The main purpose of our study is to determine whether there is any gap between cryptographic protocol-scheme (in term of theoretical) and its engineering implementation. Our scheme will be integrated with Trivial File Transfer Protocol (TFTP) application in the UBOOT firmware. Our proposed scheme in the TFTP protocol will secure the sharing of secrets and symmetric keys (e.g., AES256). After that, the symmetric encryption algorithm can be used to encrypt data in the cases of remote system updates, patching and upgrades (e.g., firmware, kernel or application).