Cryptography in Embedded Systems

Questions and Answers

Which of the following is NOT a primary application of cryptography?

  • Authenticating users or devices to a system.
  • Detecting and correcting data transmission errors. (correct)
  • Verifying the authenticity of digital messages using digital signatures.
  • Ensuring data confidentiality through encryption.

What is the primary purpose of encryption?

  • To prevent the interception of messages.
  • To ensure only authorized parties can access the message content. (correct)
  • To verify the sender's identity.
  • To detect tampering with the message during transit.

What fundamental property does a cryptographic hash function provide?

  • A fixed-length output regardless of the input message size. (correct)
  • Encryption of the message for secure transmission.
  • The ability to decrypt the hash value to retrieve the original message.
  • Generation of unique encryption keys.

Which statement is true regarding the 'one-way function' property of cryptographic hash functions?

  • It is practically impossible to derive the original message from its hash value. (A)

Which of the following hash functions is considered insecure due to known vulnerabilities?

  • MD5 (A)

What is a key difference between symmetric and asymmetric cryptography?

  • Symmetric cryptography requires a secure channel for key exchange, while asymmetric cryptography does not. (C)

Which of the following is NOT a common symmetric encryption algorithm?

  • RSA (Rivest–Shamir–Adleman) (B)

In asymmetric cryptography, what is the purpose of the private key?

  • To decrypt messages encrypted with the corresponding public key and to create digital signatures. (D)

Which key is used by the sender to encrypt a message in asymmetric cryptography to ensure only the intended recipient can read it?

  • The recipient's public key. (A)

What is the primary advantage of asymmetric cryptography over symmetric cryptography in terms of key distribution?

  • One of the keys can be publicly distributed without compromising security. (A)

What is public-key authentication primarily used for?

  • Verifying the identity of a device or user. (D)

In the context of public-key authentication, which key does the verifier use to check the signature?

  • The entity's public key. (C)

What is a critical security consideration regarding private keys in asymmetric cryptography?

  • Private keys must be kept secret to maintain the security of the cryptosystem. (B)

What is the primary goal of side-channel attack countermeasures?

  • To reduce the leakage of information during cryptographic operations. (C)

How can quantum computers potentially impact asymmetric cryptography?

  • Quantum computers can make one-way functions reversible, potentially breaking asymmetric cryptography. (A)

Why is asymmetric cryptography often combined with symmetric cryptography?

  • To achieve both the speed of symmetric cryptography and the key distribution advantages of asymmetric cryptography. (D)

In the context of secure firmware updates, what does a digital signature of the update file primarily ensure?

  • The integrity and authenticity of the firmware. (D)

What is the role of 'burnt fuses' in the context of secure boot?

  • To permanently store the public key used for verifying the bootloader's signature. (C)

During a secure boot process, which key is used to sign the bootloader or kernel?

  • The device manufacturer's private key. (D)

What is the purpose of encrypting the update file in a secure firmware update process?

  • To protect the confidentiality of the new firmware. (D)

What is the primary function of Secure Shell (SSH) in embedded systems?

  • To securely access a remote computer or device over a network. (C)

Which cryptographic principle is used by SSH to verify the identity of the server?

  • Public-key authentication. (C)

How does Transport Layer Security (TLS) differ from Secure Shell (SSH)?

  • TLS is typically used for communication between a client and a server, while SSH is used for remote access to a computer. (C)

In the context of TLS, what role does a Certificate Authority (CA) play?

  • Verifying the authenticity of the server's public key. (C)

What is Pretty Good Privacy (PGP) primarily used for?

  • Encrypting and signing e-mails. (C)

Which type of cryptography does PGP primarily rely on?

  • Asymmetric cryptography. (B)

In asymmetric cryptography, what condition must be met for a verifier to trust a public key?

  • The public key must be certified by a trusted third party or exchanged over a secure channel. (A)

In the context of unknown public keys, what is the 'chain of trust' concept used for?

  • To verify a public key through a hierarchy of trusted certificate authorities. (C)

What is the role of Root Certificate Authorities (CAs) in the chain of trust?

  • To be the top-level trusted entities that intermediate CAs rely on. (A)

Which of the following is NOT a recommended practice when using cryptographic APIs?

  • Reimplementing cryptographic algorithms for better performance. (A)

Why is it important to correctly utilize cryptographic APIs instead of creating custom cryptography?

  • Implementation errors in cryptography can lead to security vulnerabilities. (A)

Why are established implementations of cryptographic algorithms usually preferred?

  • They are optimized and potentially implemented in hardware. (A)

Among cryptographic libraries/APIs, which one is usable as a library or as a command line tool, implementing cryptographic algorithms?

  • OpenSSL (B)

Post-quantum cryptography aims to develop cryptographic systems that are resistant to attacks from:

  • Quantum computers. (D)

Flashcards

What is Encryption?

Hides message content from unauthorized parties.

What are Digital Signatures?

Ensures the authenticity of a message or proves the identity of an entity.

What are Cryptographic Hash Functions?

Mathematical functions converting a message into a fixed-length hash value.

What is Symmetric Cryptography?

Encryption where the same key is used to encrypt and decrypt.

What is Asymmetric Cryptography?

Encryption where two different keys are used: one to encrypt, one to decrypt.

What is a Private Key?

A key that must be kept secret by its owner.

What is a Public Key?

Derived from the private key, shared publicly.

What can compromise Public-Key Cryptography?

Compromised if the private key is exposed or the public key isn't verified.

What are Side-Channel Attacks?

Attempts to gain secret knowledge from the physical cryptosystem implementation.

What is Secure Boot?

Restricts the software run on a device; a signed bootloader/kernel is verified by the processor.

What are Digital Signatures for Updates?

Prevents accepting malicious updates via manufacturer-signed update files.

What is Secure Shell (SSH)?

Network protocols for securely accessing a remote computer.

What is Transport Layer Security (TLS)?

Protocol for secure communication between client and server.

What is Pretty Good Privacy (PGP)?

Program for encrypting data/digital signatures.

What do Cryptographic APIs do?

A building block of security, use established libraries to avoid errors.

Describe Symmetric Encryption

Uses same key for encryption and decryption. Fast, but key exchange is challenging.

Describe Asymmetric Encryption

Uses different keys (public, private) for encryption and decryption. Slower, but simplifies key distribution.

How does SSH work?

Authenticate to verify an identity, then generate a symmetric key for communication.

How are public and private keys created?

Using multiplication of two very large prime numbers.

Study Notes

  • Lecture 12 focuses on cryptography in embedded systems for hardware platforms and programming.

Motivation for Cryptography

  • Cryptography serves as a fundamental security building block for many applications.
  • Applications of cryptography include user or device authentication to a server or other user.
  • Cryptography ensures data integrity and authenticity for documents and software.
  • Cryptography provides data confidentiality for documents and passwords.
  • Cryptographic applications are categorized into encryption and digital signatures.
  • Encryption hides the content of a message from unauthorized parties.
  • Digital signatures ensure message authenticity or prove entity identity.

Encryption

  • Encryption encodes a message so only authorized parties can access it.
  • Encryption denies message content to the interceptor, but it won't prevent interception.
  • Encryption protects sensitive information, like personal data and intellectual property.

Digital Signatures

  • Digital signatures are mathematical schemes verifying digital message authenticity.
  • A valid digital signature gives confidence in the message's origin and that it was not altered in transit.
  • Digital signatures are used to detect forgery or tampering, for example in software updates, authentication, and data consistency checks, ensuring software integrity.
  • Cryptographic authentication methods often rely on digital signatures.

Cryptographic Hash Functions

  • Functions convert a message to a fixed-length digit string (hash value).
  • The hash value is a message's digital fingerprint, making it practically impossible to derive the original message from the hash value.
  • Cryptographic hash functions make it practically impossible to find two different messages with the same hash value (collision resistance).
  • MD5 (Message Digest 5) is insecure but was once very common.
  • Secure Hash Algorithm (SHA) function families include SHA-1 (insecure), SHA-2 (most common, e.g. SHA-256), and SHA-3 (recently standardized).
  • Cryptographic hash functions are used in integrity verification, preprocessing for digital signatures, and password storage.

Symmetric Cryptography

  • Uses the same key to encrypt and decrypt a message.
  • The key must be known to and kept secret by both parties.
  • AES (Advanced Encryption Standard), DES (Data Encryption Standard), and Enigma are the best-known algorithms.
  • It is fast but key distribution can be challenging.

Asymmetric Cryptography

  • Encryption where two different keys are used to encrypt and decrypt a message.
  • RSA (Rivest-Shamir-Adleman) and ECC (Elliptic Curve Cryptography) are the most common algorithms.
  • Slower than symmetric cryptography but has key distribution advantages.
  • One key can be distributed publicly, and the other key never needs to leave the device where it was created.
  • Digital signatures are based on asymmetric encryption.

Private and Public Keys

  • All asymmetric cryptography concepts use two different keys: a private key and a public key derived from the private key.
  • The private key must be kept secret.
  • The public key can be shared.
  • The sender uses the recipient's public key to encrypt messages.
  • The recipient uses their own private key to decrypt messages.
  • Senders use their own private key to sign, and recipients use the sender's public key to verify the signature.

Public-Key Authentication

  • Cryptographically verifies the identity of a device or user, proving access to a secret private key.
  • Public-key authentication is also known as challenge-response authentication.
  • Encryption and decryption method: Bob sends Alice a message encrypted with Alice's public key; Alice decrypts the message with her private key and sends it back to Bob in the form of a hash.
  • Signature and verification method: Bob sends Alice a random message, Alice signs it with her private key, and Bob can then verify the signature.

Generation of Private and Public Keys

  • Generated using a key pair generator based on one-way functions.
  • A one-way function example is the multiplication of two large prime numbers; finding the two prime numbers from the result is possible but not feasible in a reasonable time.
  • The individual prime numbers are the private key, and the result is the public key which can be used for encryption.
  • This approach is used in the RSA cryptographic system.

Limits of Asymmetric Cryptography

  • Public-key cryptography can be compromised if the private key is not kept secret.
  • Algorithms are considered secure under the condition that the keys are long enough and generated from good random numbers.
  • One-way functions may become reversible with quantum computers. Quantum computers have not broken the foundation of asymmetric cryptography so far.
  • Slower than symmetric cryptography.

Side-Channel Attacks

  • Attempts to get secret knowledge based on physical implementation of cryptosystems.
  • Examples include timing attacks, power analysis, and electromagnetic analysis.
  • Countermeasures can be taken by reducing side-channel leakage, or reducing correlation between the leakage and the secret information.

Risk by Quantum Computing

  • Makes one-way functions reversible, potentially breaking asymmetric cryptography like RSA and ECC.
  • Symmetric cryptography should not be affected by quantum computers because it isn't based on one-way functions.

Combination with Symmetric Cryptography

  • Asymmetric cryptography can be used to exchange a common session-specific key, which can then be used for symmetric cryptography (like AES).
  • In one implementation, the sender generates a random symmetric key, encrypts it with the receiver's public key, and sends it to the receiver.
  • In a more complex Diffie-Hellman key exchange, the sender and receiver exchange public keys and use them to generate a common key, which is then used for symmetric cryptography.

Applications of Cryptography in Embedded Systems

  • Applications include Secure Boot, Secure Firmware Updates, and Secure Communication.

Secure Boot

  • Restricts the software that can be run on the device.
  • Used to protect private data or intellectual property and prevent unintended uses.
  • It requires a bootloader and/or a kernel to be verified by the processor before execution, based on asymmetric cryptography.
  • The bootloader/kernel is signed with a private key, the corresponding public key is immutably stored in the processor, and the private key is kept secret by the device manufacturer.

Secure Firmware Updates

  • Firmware updates provide security to the end-users of electronic products. The update process should be secured from unauthorized access, and the update should be signed.
  • The update files are encrypted because the update usually contains information that the manufacturer keeps secret.
  • Digital signatures are used to prevent the device from accepting a malicious update; the update is signed with a private key.

Secure Communication

  • Involves the use of Secure Shell (SSH) and Transport Layer Security (TLS).

Secure Shell (SSH)

  • Network protocol for accessing a remote computer securely.
  • Used for secure remote login, command execution, and other network services.
  • Used for logging in to Linux-based devices via a network.
  • SSH is a server-client protocol based on public-key authentication and symmetric encryption.

Transport Layer Security (TLS)

  • Transport Layer Security (TLS) works similarly to SSH, but it is used for communication between a client (e.g. web browser) and a (web) server.
  • TLS is used for encrypting the data traffic, and for authentication of the server.

Pretty Good Privacy (PGP)

  • The OpenPGP standard for encryption of data and digital signatures.
  • Designed for encrypting and signing e-mails but can be used for other applications.
  • The OpenPGP standard is implemented by PGP and GNU Privacy Guard (GnuPG, free software).

Trust in Known Public Keys

  • All asymmetric cryptography applications require the verifier or sender to trust that the public key belongs to the entity.
  • Trust can be established when humans meet, when the OEM stores the key, or when a user logs in with a password.

Trust in Unknown Public Keys

  • If there is no secure channel, the public key must be verified by a trusted third party.
  • A few root certificate authorities are used to authenticate the certificate path.

Cryptographic APIs

  • Using common cryptographic libraries is important to implement security correctly and avoid introducing implementation vulnerabilities.
  • Common APIs include OpenSSL, Crypto++, and mbed TLS.
