A Secure IoT Firmware Update Scheme Against SCPA and DoS Attacks |
| |
| Authors: | Fan Yan-Hong Wang Mei-Qin Li Yan-Bin Hu Kai Li Mu-Zhou |
| |
| Affiliation: | School of Cyber Science and Technology, Shandong University, Qingdao 266237, China;Key Laboratory of Cryptologic Technology and Information Security(Shandong University), Ministry of Education Qingdao 266237, China |
| |
| Abstract: | In the IEEE S&P 2017,Ronen et al.exploited side-channel power analysis (SCPA) and approximately 5000 power traces to recover the global AES-CCM key that Philip Hue lamps use to decrypt and authenticate new firmware.Based on the recovered key,the attacker could create a malicious firmware update and load it to Philip Hue lamps to cause Internet of Things (IoT) security issues.Inspired by the work of Ronen et al.,we propose an AES-CCM-based firmware update scheme against SCPA and denial of service (DoS) attacks.The proposed scheme applied in IoT terminal devices includes two aspects of design (i.e.,bootloader and application layer).Firstly,in the bootloader,the number of updates per unit time is limited to prevent the attacker from acquiring a sufficient number of useful traces in a short time,which can effectively counter an SCPA attack.Secondly,in the application layer,using the proposed handshake protocol,the IoT device can access the IoT server to regain update permission,which can defend against DoS attacks.Moreover,on the STM32F405+M25P40 hardware platform,we implement Philips' and the proposed modified schemes.Experimental results show that compared with the firmware update scheme of Philips Hue smart lamps,the proposed scheme additionally requires only 2.35 KB of Flash memory and a maximum of 0.32 s update time to effectively enhance the security of the AES-CCM-based firmware update process. |
| |
| Keywords: | Internet of Things firmware update authenticated encryption side-channel power analysis denial of service |
| 本文献已被 万方数据 SpringerLink 等数据库收录! |
| 点击此处可从《计算机科学技术学报》浏览原始摘要信息 |
|
点击此处可从《计算机科学技术学报》下载全文 |
|
