A Scheme for the Generation of Strong ICMetrics Based Session Key Pairs for Secure Embedded System Applications
Citations
Book review: Applied cryptography: Protocols, algorithms, and source code in C
Secure Industrial Internet of Things Critical Infrastructure Node Design
Securing health sensing using integrated circuit metric.
Resilience against brute force and rainbow table attacks using strong ICMetrics session key pairs
Securing MEMS Based Sensor Nodes in the Internet of Things
References
Applied Cryptography: Protocols, Algorithms, and Source Code in C
A Course in Computational Algebraic Number Theory
Finding collisions in the full SHA-1
The Kerberos Network Authentication Service (V5)
The Internet Key Exchange (IKE)
Frequently Asked Questions (16)
Q2. What is the security of the scheme?
The security of their scheme is based on a session token issued by the trusted party and the ICMetrics basis number of the device fed to the SHA-2 based key derivation function.
Q3. What is the purpose of the SHA-2 based key stretching and derivation algorithm?
The purpose of the SHA-2 based key stretching and derivation algorithm is to combine and thus stretch the key, so that it qualifies for use in secure operations.
Q4. What is the public key for the generated high entropy private key?
In their research, the public key for the generated high entropy private key is generated based on Hermite Normal Form (HNF) of the high entropy private key due to the uniqueness of the HNF.
Q5. What is the size of the random identity information associated with a device?
The size of this random identity information associated with a device can range from 48 bits to 128 bits in length, by setting a trade-off between the required level of security and the resources available.
Q6. What is the importance of having high entropy keys?
Weak and low entropy keys are likely to be easily cracked by an adversary; it is therefore essential to have keys with high entropy, making them secure against attacks by an adversary during their lifecycle [19].
Q7. What is the importance of a good key generation mechanism?
Since embedded systems typically have limitations in terms of power, memory and processing power [1], there is a need to make a sensible choice of cryptographic mechanisms for key generation, and to keep the length of key sizes according to individual applications [2], so that the employed solutions prove to be suitable for embedded system applications.
Q8. What is the main threat in security applications having weak / low entropy keys?
A major threat in security applications having weak / low entropy keys is the launch of a brute force / exhaustive search attack [15].
Q9. What is the purpose of the proposed scheme?
In the proposed scheme the authors have combined the security advantages of the ICMetrics secret key, random session tokens and the security properties of the SHA-2 based key derivation function for the generation of a strong session-based private key.
Q10. What is the value of the TTP’s private key?
1. IDi = 128 bits Random Number
2. Compute Qi = SHA-2 (IDi)
3. Output partial private key ‘PPi’ = (EPrt) x (Qi)

The partial private key ‘PPi’ generated by the TTP is sent to entity IDi.
Q11. What is the purpose of the MTTP with identity IDti?
The TTP with identity IDti combines both the MTTP-generated partial private key ‘PPti’ and its own master private key ‘MPrti’ to generate a high entropy private key ‘EPrti’ for IDti, which can be used for secure onward operation, as shown in Fig. 4. Both PPti and MPrti are combined via SHA-2, as shown in Table 2.
Q12. What is the purpose of the paper?
A framework for the generation of strong high entropy session key pairs of sufficient length for the ICMetrics secret key is introduced in this paper.
Q13. What is the final result of the SHA-2 based key stretching and derivation algorithm?
Finally, all blocks are XORed to generate a key of the required size, which gives the final high entropy private key for the entity IDi.
Q14. What is the SHA-2 based key stretching algorithm?
The user with identity IDi combines both the TTP partial private key ‘PPi’ and its own master private key ‘MPri’ to generate a high entropy private key ‘EPri’ for IDi, which can be used for secure operation, as shown in Fig. 5. Both PPi and MPri are combined via SHA-2, as shown in Table 3.
Q15. What are the requirements for a secure key?
As stated above, the generated cryptographic keys must also have certain properties to qualify as a key to be used for secure operations, since any number in its raw form cannot serve as a key for cryptographic operations.
Q16. What is the basis number of the master private key of the master TTP?
Master Private Key of Master TTP ‘MMPrt’ = Basis Number using ICMetrics of Device
Master Private Key of TTP ‘MPrt’ = Basis Number using ICMetrics of Device
Similarly, all entities with identities ID1, ID2, …, IDn also generate their master private keys MPr1, MPr2, …, MPrn respectively based on their ICMetrics basis number, and hence use their master private key for further operations as shown in fig.