IARIA-Paper-2017
/
esper-ota
4
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

Added cites for the crypto stuff

master
Christian Pape 8 years ago
parent
35209af78b
commit
720a37c19a
2 changed files with 44 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      5-concept.tex
  2. 43
      esper-ota.bib

2
5-concept.tex
View File

@ -67,7 +67,7 @@ In addition to the two firmware ROMs, the flash provides room for the bootloader
\subsection{Cryptographically securing the firmware update} \subsection{Cryptographically securing the firmware update}
To ensure only valid firmware is running on the devices, a cryptographic signature of the firmware images is calculated and checked as part of the update process. To ensure only valid firmware is running on the devices, a cryptographic signature of the firmware images is calculated and checked as part of the update process.
For the calculation of the signatures, the \textit{sha256} hashing algorithm \cite{sha256} and an elliptic curve cipher based on \textit{Curve25519} \cite{curve25519} are used, which are both considered modern and secure methods for software signing \cite{crypto-ftw}.
For the calculation of the signatures, the \textit{sha256} hashing algorithm \cite{RFC6234} and an elliptic curve cipher based on \textit{Curve25519} \cite{bernstein2006curve25519} are used, which are both considered modern and secure methods for software signing (see \cite{barker2016nist, bsi}).
The cryptographic signature for each of the two firmware ROMs is created by the continuous integration system during build time and is provided as meta-information along with the firmware binaries. The cryptographic signature for each of the two firmware ROMs is created by the continuous integration system during build time and is provided as meta-information along with the firmware binaries.
Therefore, the CI system must be equipped with the private key used to create the signatures. Therefore, the CI system must be equipped with the private key used to create the signatures.

43
esper-ota.bib
View File

@ -138,3 +138,46 @@ year = {2016},
pages = {171--176}, pages = {171--176},
publisher = {IEEE} publisher = {IEEE}
} }
@techreport{RFC6234,
author = {D. Eastlake and T. Hansen},
title = {US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)},
howpublished = {Internet Requests for Comments},
type = {RFC},
number = {6234},
year = {2011},
month = {May},
issn = {2070-1721},
publisher = {RFC Editor},
institution = {RFC Editor},
url = {http://www.rfc-editor.org/rfc/rfc6234.txt},
note = {\url{http://www.rfc-editor.org/rfc/rfc6234.txt}},
}
@misc{barker2016nist,
title={NIST Special Publication 800--57 Part 1, Revision 4},
author={Barker, Elaine and Dang, Quynh},
year={2016}
}
@techreport(bsi,
author = {{Federal Office for Information Security}},
title = {Cryptographic Mechanisms: Recommendations and Key Lengths},
howpublished = {Online},
type = {BSI – Technical Guideline},
number = {BSI TR-02102-1},
year = {2017},
month = {February},
publisher = {Federal Office for Information Security, P.O.B. 20 03 63, 53133 Bonn, Germany},
institution = {Federal Office for Information Security},
note={{URL: }\url{https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TG02102/BSI-TR-02102-1.pdf}, 2017.05.22}
)
@inproceedings{bernstein2006curve25519,
title={Curve25519: new Diffie-Hellman speed records},
author={Bernstein, Daniel J},
booktitle={International Workshop on Public Key Cryptography},
pages={207--228},
year={2006},
organization={Springer}
}
Write Preview
Loading…
Cancel
Save