Title: Cryptography for Quality Assurance An Implementation to Verify Authenticity
and Integrity of Embedded System Test Reports
Publisher: Guru Nanak Publications
Series: Volume 3 Issue 2
Authors: Sriharsa Mohapatra and Rupesh Kumar
The work presented here has been developed
for quality assurance of embedded system test reports
in Nuclear Power Corporation of India Limited,
Mumbai. Embedded system test reports are generated
by running test programs on embedded systems and
are later verified. The requirement is to convey to the
verifier whether the test report is authentic or
tampered  . The first of our implementation
ensures the same using digital signature. However, the
digital signature generating incurs significant
processing load on embedded systems  .
Therefore, an alternative implementation has also been
developed. It transfers (over TCP connection) the test
report to a workstation as soon as the test report is
generated. While transferring authenticity and
integrity of the test report is verified using keyed
Hashed Message Authentication Code (HMAC) .
HMAC incurs negligible processing load . The
HMAC uses a symmetric key that is formed
dynamically mixing four different types of key seeds.
This mixing is carried out according to predefined key
mixing tables. Immediately after receiving the report,
the workstation appends the digital signature to the
report. To avoid practical constraints, library support
and compatibility issues the entire implementation has
been developed using C code. Further, these cyclic
group cryptographic operations process big integers
using decimal digits for ease of documenting,
debugging and understanding.
Client and server applications, Cryptography, Daffier Hellman key exchange, Digital signature, Hashed message Authentication code (HMAC), Network communication, Network threats, Quality assurance, Test report authenticity, Test report tampering detection, SHA hashing, Side channel attacks.