A firmware-based chained cryptographic attestation protocol for secure embedded system communication applied in u-boot bootloader / Mohd Anuar Mat Isa

Mat Isa, Mohd Anuar (2018) A firmware-based chained cryptographic attestation protocol for secure embedded system communication applied in u-boot bootloader / Mohd Anuar Mat Isa. PhD thesis, Universiti Teknologi MARA (UiTM).

Abstract

An increasing amount of attention is being given by researchers to the issues surrounding the security of embedded systems in recent years due to the emergence of IoT, and the proliferation of attacks on embedded systems. Recent research has suggested that embedded firmware in numerous embedded computing devices are not well protected compared to computing devices with comprehensive operating systems. This happens due to the lack of support for security enforcement stemming from the constrained environment of embedded systems. Due to this limitation, an adversary will compromise the lean and weak cryptographic protocols of the embedded devices by revealing its confidentiality, altering integrity and forging identities. Side-channel attacks such as timing attacks on a cryptographic computation, and relay attacks on Radio Frequency (RF) communication are mounted by the adversary to increase the probability to break weak cryptographic protocols in embedded systems. To address these matters, this work explores security issues particularly on the lack of secret key distributions for embedded firmware, and the lack of attestation between parties in embedded system communication. DenX Universal Boot Loader (U-Boot) firmware was chosen as the target of this study because it is widely used by embedded developers for booting embedded Operating Systems (OSs) that run on smartphones, tablets, Wi- Fi access points etc. The latest U-Boot source code distribution has shown that the preinstalled symmetric encryption scheme, namely AES128 is vulnerable to a session reveal attack because the preinstalled secret key is never renewed after U-Boot firmware is flashed due to the lack of a key distribution protocol in the U-Boot implementation.

Metadata

Item Type: Thesis (PhD)
Creators:
Creators
Email / ID Num.
Mat Isa, Mohd Anuar
2010233244
Contributors:
Contribution
Name
Email / ID Num.
Thesis advisor
Hashim, Habibah
UNSPECIFIED
Divisions: Universiti Teknologi MARA, Shah Alam > Faculty of Electrical Engineering
Programme: Doctor of Philosophy (Electrical Engineering) – EE990
Keywords: Firmware-based, u-boot, communication
Date: 2018
URI: https://ir.uitm.edu.my/id/eprint/82148
Edit Item
Edit Item

Download

[thumbnail of 82148.pdf] Text
82148.pdf

Download (111kB)

Digital Copy

Digital (fulltext) is available at:

Physical Copy

Physical status and holdings:
Item Status:

ID Number

82148

Indexing

Statistic

Statistic details