Browse Source

Added cites for the crypto stuff

master
Christian Pape 8 years ago
parent
commit
720a37c19a
  1. 2
      5-concept.tex
  2. 43
      esper-ota.bib

2
5-concept.tex

@ -67,7 +67,7 @@ In addition to the two firmware ROMs, the flash provides room for the bootloader
\subsection{Cryptographically securing the firmware update}
To ensure only valid firmware is running on the devices, a cryptographic signature of the firmware images is calculated and checked as part of the update process.
For the calculation of the signatures, the \textit{sha256} hashing algorithm \cite{sha256} and an elliptic curve cipher based on \textit{Curve25519} \cite{curve25519} are used, which are both considered modern and secure methods for software signing \cite{crypto-ftw}.
For the calculation of the signatures, the \textit{sha256} hashing algorithm \cite{RFC6234} and an elliptic curve cipher based on \textit{Curve25519} \cite{bernstein2006curve25519} are used, which are both considered modern and secure methods for software signing (see \cite{barker2016nist, bsi}).
The cryptographic signature for each of the two firmware ROMs is created by the continuous integration system during build time and is provided as meta-information along with the firmware binaries.
Therefore, the CI system must be equipped with the private key used to create the signatures.

43
esper-ota.bib

@ -138,3 +138,46 @@ year = {2016},
pages = {171--176},
publisher = {IEEE}
}
@techreport{RFC6234,
author = {D. Eastlake and T. Hansen},
title = {US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)},
howpublished = {Internet Requests for Comments},
type = {RFC},
number = {6234},
year = {2011},
month = {May},
issn = {2070-1721},
publisher = {RFC Editor},
institution = {RFC Editor},
url = {http://www.rfc-editor.org/rfc/rfc6234.txt},
note = {\url{http://www.rfc-editor.org/rfc/rfc6234.txt}},
}
@misc{barker2016nist,
title={NIST Special Publication 800--57 Part 1, Revision 4},
author={Barker, Elaine and Dang, Quynh},
year={2016}
}
@techreport(bsi,
author = {{Federal Office for Information Security}},
title = {Cryptographic Mechanisms: Recommendations and Key Lengths},
howpublished = {Online},
type = {BSI – Technical Guideline},
number = {BSI TR-02102-1},
year = {2017},
month = {February},
publisher = {Federal Office for Information Security, P.O.B. 20 03 63, 53133 Bonn, Germany},
institution = {Federal Office for Information Security},
note={{URL: }\url{https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TG02102/BSI-TR-02102-1.pdf}, 2017.05.22}
)
@inproceedings{bernstein2006curve25519,
title={Curve25519: new Diffie-Hellman speed records},
author={Bernstein, Daniel J},
booktitle={International Workshop on Public Key Cryptography},
pages={207--228},
year={2006},
organization={Springer}
}
Loading…
Cancel
Save