Visible to the public Timing Analysis for Diffie Hellman Key Exchange In U-BOOT Using Raspberry Pi

TitleTiming Analysis for Diffie Hellman Key Exchange In U-BOOT Using Raspberry Pi
Publication TypeConference Paper
Year of Publication2018
AuthorsAlias, Yasin Fitri, Hashim, Habibah
Conference Name2018 IEEE Symposium on Computer Applications Industrial Electronics (ISCAIE)
ISBN Number978-1-5386-3527-8
Keywordsbrute force attacks, cryptographic, cryptographic era, cryptographic protocols, cryptography, DHKE protocol, diffie hellman key exchange, Diffie Hellman Key Exchange protocol, Discrete Log Hard Problem, embedded device, Embedded systems, exponentiation, firmware, Force, GMP bignum library, Metals, modular exponentiation, networked embedded systems security, Protocols, pubcrawl, public key cryptography, Raspberry Pi, Raspberry-pi, Resiliency, Scalability, Secret key, security schemes, side channel attack, system-on-chip, telecommunication security, Timing, Timing attack, timing attacks, timing patterns, Tools, U-Boot bare metal, unsecure communication channel, word length 2048.0 bit, word length 64.0 bit

In Diffie-Hellman Key Exchange (DHKE), two parties need to communicate to each other by sharing their secret key (cipher text) over an unsecure communication channel. An adversary or cryptanalyst can easily get their secret keys but cannot get the information (plaintext). Brute force is one the common tools used to obtain the secret key, but when the key is too large (etc. 1024 bits and 2048 bits) this tool is no longer suitable. Thus timing attacks have become more attractive in the new cryptographic era where networked embedded systems security present several vulnerabilities such as lower processing power and high deployment scale. Experiments on timing attacks are useful in helping cryptographers make security schemes more resistant. In this work, we timed the computations of the Discrete Log Hard Problem of the Diffie Hellman Key Exchange (DHKE) protocol implemented on an embedded system network and analyzed the timing patterns of 1024-bit and 2048-bit keys that was obtained during the attacks. We have chosen to implement the protocol on the Raspberry-pi board over U-BOOT Bare Metal and we used the GMP bignum library to compute numbers greater than 64 bits on the embedded system.

Citation Keyalias_timing_2018