New packet header support and key exchange mechanism for secure trivial file transfer protocol / Nur Nabila Mohamed ...[et al.]

— TFTP has received a significant demand in recent
years because of its lightweight feature and compatibility on
limited low-level embedded system. Nevertheless, as it provides
no security mechanism, questions have been raised about the
safety issue especially during data collection and during system
update. Despite the vulnerability matter, there is also a concern
to integrate TFTP with a suitable and compatible security
mechanism. Because TFTP is a lightweight protocol, the
proposed security mechanism should also be simple yet powerful
to protect the file transmission process against any attack. The
first important method in securing the TFTP communication is
to verify the new packet header that can support the key
exchange operation for the next encryption process. DHKE, a
general and popular key exchange mechanism usually be chosen
but it is vulnerable to MITM attack. Therefore, in this work, a
new DHKE-based key exchange technique is proposed to be
integrated with TFTP packet header for security support which
is expected to provide a secure TFTP communication in the
future M2M technology.