An ICMetric based framework for secure end-to-end communication

Conventional cryptographic algorithms rely on highly sophisticated and well established algorithms to ensure security, while the cryptographic keys are kept secret. However, adversaries can attack the keys of a cryptosystem without targeting the algorithm. This dissertation aims to cover this gap in the domain of cryptography, that is, the problem associated with cryptographic key compromise. The thesis accomplishes this by presenting a novel security framework based on the ICMetric technology. The proposed framework provides schemes for a secure end-to-end communication environment based on the ICMetric technology, which is a novel root of trust and can eliminate issues associated with stored keys. The ICMetric technology processes unique system features to establish an identity which is then used as a basis for cryptographic services. Hence the thesis presents a study on the concept of the ICMetric technology and features suitable for generating the ICMetric of a system. The first contribution of this thesis is the creation of ICMetric keys of sufficient length and entropy that can be used in cryptographic applications. The proposed strong ICMetric key generation scheme follows a two-tier structure, so that the ICMetric keys are resilient to pre-computed attacks. The second contribution of this thesis is a symmetric key scheme that can be used for symmetric key applications based on the ICMetric of the system. The symmetric keys are generated based on zero knowledge protocols and the cryptographic services are provided without transmitting the key over the channel. The fourth major contribution of this thesis is the investigation into the feasibility of employing the ICMetric technology for identifying Docker containers employed by cloud service providers for hosting their cloud services.