Quote: verify the integrity of an embedded device by computing partial hash of its contents; problem of man in the middle attack

Quotation Skeleton

The problem concerns the integrity verification of a … [p. 53] The client is a software-controlled field-programmable device … The adversary can reverse engineer the client's software … [including software uploads] … The adversary can modify the client's software at … The adversary cannot modify or substitute the client's … [p. 54] [nor] mount a man in the middle … The effective entropy of the machine representation of … [p. 56] In order to be able to verify … [adds] the following message … This message requests from the device to compute … [ref] (message digest) such as RIPEMD-160 [ref] of its program storage … . [p. 58] Processor state can be set to … the server. The server can then query a … Our approach is particularly vulnerable to a man …   Google-1   Google-2

Copyright clearance needed for quotation.

Related Topics

Topic: security leaks and weaknesses (56 items)
Topic: embedded systems (26 items)
Topic: security of remotely executed code (22 items)
Topic: one-way hash function (23 items)