Side-Channel Security on Key Exchange Protocol: Timing and Relay Attacks

The advancing of Key Exchange Protocol (KEP) is compulsory to secure the connected world via Internet of Thing (IoT), cryptocurrency and blockchain, virtual intelligent, smart computing etc. To address the security issues in the Internet based computing systems, this paper explores the side-channel security for KEP, namely timing and relay attacks. Nowadays, various KEP variances are used by internet protocol such as IKEv2/3. The purpose of KEP is to enable a secret key(s) sharing between two or more computing systems on unsecure network. Later, the secret key(s) is used to encrypt all data transmitted for online systems such as internet banking, cryptocurrency transaction, IoT services etc. The timing attack was addressed by an adversary model and security assumptions. The relay attack on KEP was tested by an experiment testbed between a key fob and car using Raspberry Pi and RF module. The experiment result has shown that the propagation delay of KEP on RF communication is increased by 100% for each relay node. If the KEP runtime is increased greater than 50%, the KEP authentication key should be discarded to prevent the attacker from gaining access to the car.

[1]  Afaq Ahmad,et al.  Customized hardware crypto engine for wireless sensor networks , 2017 .

[2]  Kimberly C. Claffy,et al.  Survey of End-to-End Mobile Network Measurement Testbeds, Tools, and Services , 2014, IEEE Communications Surveys & Tutorials.

[3]  Paul C. Kocher,et al.  Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[4]  Srdjan Capkun,et al.  Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars , 2010, NDSS.

[5]  Jamalul-lail Ab Manan,et al.  An Experimental Study of Cryptography Capability using Chained Key Exchange Scheme for Embedded Devices , 2014, ArXiv.

[6]  Younsung Choi Cryptanalysis on Privacy-Aware Two-factor Authentication Protocol for Wireless Sensor Networks , 2018 .

[7]  Sujata Mohanty,et al.  Multi-party Key-Exchange with Perfect Forward Secrecy , 2014, 2014 International Conference on Information Technology.

[8]  Lein Harn,et al.  Integrating Diffie-Hellman key exchange into the digital signature algorithm (DSA) , 2004, IEEE Communications Letters.

[9]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[10]  Anton Stiglic,et al.  Security Issues in the Diffie-Hellman Key Agreement Protocol , 2001 .

[11]  Keith Mayes,et al.  Secure Smart Embedded Devices, Platforms and Applications , 2013, Springer New York.

[12]  Dong Hoon Lee,et al.  Strong Diffie-Hellman-DSA Key Exchange , 2007, IEEE Communications Letters.

[13]  Benjamin Arazi Integrating a key distribution procedure into the digital signature standard , 1993 .

[14]  Eun-Jun Yoon,et al.  An Efficient Diffie-Hellman-MAC Key Exchange Scheme , 2009, 2009 Fourth International Conference on Innovative Computing, Information and Control (ICICIC).

[15]  Raphael C.-W. Phan Fixing the integrated Diffie-Hellman-DSA key exchange protocol , 2005, IEEE Communications Letters.

[16]  Nguyen Hieu Minh,et al.  Improving on the integrated Diffie-Hellman-GOST.R94 key agreement protocols , 2013, 2013 Third World Congress on Information and Communication Technologies (WICT 2013).

[17]  Habibah Hashim,et al.  An automobile security protocol: side-channel security against timing and relay attacks , 2017, Int. J. Electron. Secur. Digit. Forensics.

[18]  A. Arivazhagan,et al.  RTL Modelling for the Cipher Blcok Chaining Mode (Cbc) for Data Security , 2017 .

[19]  Michael Ward,et al.  Blinded Diffie-Hellman - Preventing Eavesdroppers from Tracking Payments , 2014, SSR.

[20]  Ronald Cramer,et al.  A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack , 1998, CRYPTO.

[21]  Hugo Krawczyk,et al.  Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels , 2001, EUROCRYPT.

[22]  Ramlan Mahmod,et al.  A Series of Secret Keys in a Key Distribution Protocol , 2015 .

[23]  John Devlin,et al.  Network-Specific Attacks on Diffie-Hellman Key-Exchange in Commercial Protocols , 2016 .