A firmware-based chained cryptographic attestation protocol for secure embedded system communication applied in u-boot bootloader / Mohd Anuar Mat Isa

An increasing amount of attention is being given by researchers to the issues surrounding the security of embedded systems in recent years due to the emergence of IoT, and the proliferation of attacks on embedded systems. Recent research has suggested that embedded firmware in numerous embedded computing devices are not well protected compared to computing devices with comprehensive operating systems. This happens due to the lack of support for security enforcement stemming from the constrained environment of embedded systems. Due to this limitation, an adversary will compromise the lean and weak cryptographic protocols of the embedded devices by revealing its confidentiality, altering integrity and forging identities. Side-channel attacks such as timing attacks on a cryptographic computation, and relay attacks on Radio Frequency (RF) communication are mounted by the adversary to increase the probability to break weak cryptographic protocols in embedded systems. To address these matters, this work explores security issues particularly on the lack of secret key distributions for embedded firmware, and the lack of attestation between parties in embedded system communication. DenX Universal Boot Loader (U-Boot) firmware was chosen as the target of this study because it is widely used by embedded developers for booting embedded Operating Systems (OSs) that run on smartphones, tablets, Wi- Fi access points etc. The latest U-Boot source code distribution has shown that the preinstalled symmetric encryption scheme, namely AES128 is vulnerable to a session reveal attack because the preinstalled secret key is never renewed after U-Boot firmware is flashed due to the lack of a key distribution protocol in the U-Boot implementation.