Cryptographic Adversary Model: Timing and Power Attacks

In this work, we present an adversary model that incorporates side-channel attacks into the Indistinguishability Experiment for Adaptive Chosen Ciphertext Attack (CCA2). We propose security assumptions and an attack model for a secure SSW-ARQ protocol integrated with the TFTP protocol. We also present the security reduction of the SSW-ARQ protocol from the Cramer-Shoup encryption scheme, with timing and power attacks as side-channel security for the SSW-ARQ protocol. We suggest using lightweight symmetric encryption for data encryption and asymmetric encryption for the key exchange protocols in TFTP. The target implementation of secure TFTP is for embedded devices such as Wi-Fi Access Points (AP) and remote Base Stations (BS). In this paper we present security proofs based on an attack model (IND-CCA2) for securing the TFTP protocol. We have also introduced a novel adversary model in IND-CCA2-(TA, PA, TPA), which is considered a practical model because it incorporates the timing attack and the power attack.
