Cryptography for Quality Assurance An Implementation to Verify Authenticity and Integrity of Embedded System Test Reports

Title: Cryptography for Quality Assurance An Implementation to Verify Authenticity and Integrity of Embedded System Test Reports
Publisher: Guru Nanak Publications
ISSN: 2278-0947
Series: Volume 3 Issue 2
Authors: Sriharsa Mohapatra and Rupesh Kumar


Abstract

The work presented here has been developed for quality assurance of embedded system test reports in Nuclear Power Corporation of India Limited, Mumbai. Embedded system test reports are generated by running test programs on embedded systems and are later verified. The requirement is to convey to the verifier whether the test report is authentic or tampered [1] [2]. The first of our implementation ensures the same using digital signature. However, the digital signature generating incurs significant processing load on embedded systems [6] [9]. Therefore, an alternative implementation has also been developed. It transfers (over TCP connection) the test report to a workstation as soon as the test report is generated. While transferring authenticity and integrity of the test report is verified using keyed Hashed Message Authentication Code (HMAC) [10]. HMAC incurs negligible processing load [11]. The HMAC uses a symmetric key that is formed dynamically mixing four different types of key seeds. This mixing is carried out according to predefined key mixing tables. Immediately after receiving the report, the workstation appends the digital signature to the report. To avoid practical constraints, library support and compatibility issues the entire implementation has been developed using C code. Further, these cyclic group cryptographic operations process big integers using decimal digits for ease of documenting, debugging and understanding.

Keywords

Client and server applications, Cryptography, Daffier Hellman key exchange, Digital signature, Hashed message Authentication code (HMAC), Network communication, Network threats, Quality assurance, Test report authenticity, Test report tampering detection, SHA hashing, Side channel attacks.

Download Full Text

(For complimentary copy, please contact Chief_editor@innovationjournals.com)