
SECURE FIRMWARE VALIDATION AND UPDATION

A MINI PROJECT REPORT

Submitted by

M.S. MEENAKSHI SUNDHARAM 1605090


M.PRABHAKARAN 1605092

in partial fulfilment for the award of the degree

of

BACHELOR OF ENGINEERING

in

COMPUTER SCIENCE

COIMBATORE INSTITUTE OF TECHNOLOGY

(Government Aided Autonomous Institution Affiliated to Anna University)

COIMBATORE – 641014
COIMBATORE INSTITUTE OF TECHNOLOGY
(A Govt. Aided Autonomous Institution Affiliated to Anna University)
COIMBATORE –641 014

BONAFIDE CERTIFICATE

Certified that this mini project “SECURE FIRMWARE VALIDATION AND UPDATION”
is the bonafide work of M.S. MEENAKSHI SUNDHARAM, M. PRABHAKARAN, under my
supervision during the academic year 2018-2019.

Dr. G. Kousalya, M.E., Ph.D
HEAD OF THE DEPARTMENT,
Department of CSE,
Coimbatore Institute of Technology,
Coimbatore – 641 014.

Mr. B. Arun Kumar
ASSISTANT PROFESSOR,
Department of CSE&IT,
Coimbatore Institute of Technology,
Coimbatore – 641 014.

Certified that the candidates were examined by us in the project work viva-voce
examination held on …………………

Internal Examiner External Examiner

Place:

Date:
TABLE OF CONTENTS

CHAPTER NO.   TITLE

ACKNOWLEDGEMENT
ABSTRACT
LIST OF ABBREVIATIONS

1 INTRODUCTION
1.1 Firmware
1.2 Elliptic Curve Cryptography
1.3 Scope
1.4 Existing Systems
1.5 Advantages of proposed system

2 LITERATURE SURVEY

3 REQUIREMENTS
3.1 Hardware requirements
3.2 Software requirements

4 PROPOSED SYSTEM
4.1 Server
4.2 Client

5 DESIGN AND IMPLEMENTATION
5.1 Server Side Script
5.2 Client Side Script

6 CONCLUSION AND FUTURE SCOPE

7 REFERENCES

LIST OF FIGURES

FIGURE NO.   TITLE

1 BLOCK DIAGRAM
2 SERVER TEXT BOX
3 ERROR MESSAGE BOX
4 SUCCESS MESSAGE BOX
5 CLIENT TEXT BOX
6 PASSCODE ERROR BOX
7 FIRMWARE DOWNLOAD PAGE


ACKNOWLEDGEMENT

Our Project, “Secure Firmware Validation and Updation” has been the
result of motivation and encouragement from many, whom we would like to
thank.

We take this opportunity to express our sincere thanks to our Secretary
and Professor Emeritus, Dr. R. Prabhakar, B.Tech, M.S., Ph.D., and our
Principal Dr. V. Selladurai, M.E., Ph.D., for providing us the necessary
facilities and support for successful completion of this project.

We would like to record our gratitude to Prof. K.S. Palanisamy, M.E.,
Joint Coordinator, Department of Computer Science and Engineering &
Information Technology for his enthralling support.

We would like to sincerely thank our Head of the Department,
Dr. G. Kousalya, M.E., Ph.D., for her guidance and encouragement throughout
this project.

We express our sincere thanks and gratitude to our guide Mr. B. Arun
Kumar, M.E., for his sustained support and guidance which helped in the
timely completion of the project.

We sincerely thank all our faculty members for the advice and support in
various dimensions of the project work. We present our gratefulness to the Lab
Assistants and other non-teaching staff for their timely support and assistance in
the laboratory. Finally, we would like to thank our families and friends for their
appreciation and guidance.

ABSTRACT

Embedded systems are more than ever present in consumer electronics devices
such as home routers and personal computers. Firmware, which is embedded
software specifically designed for monitoring and control in
resource-constrained conditions, was not a major attack target. However, recent
serious cyber attacks focus on firmware rather than the application or operating
system levels, because exploiting the firmware level offers stealth
capabilities; e.g., anti-virus software and the operating system cannot reveal
such a firmware-level exploit. A remote firmware update is required for consumer
devices connected to the Internet to improve the existing firmware. The proposed
scheme utilizes an elliptic curve based mutual ID authentication and key
derivation to securely distribute a firmware image.

LIST OF ABBREVIATIONS

• ECC - Elliptic Curve Cryptography
• IOT - Internet Of Things
• HTML - HyperText Markup Language
• URL - Uniform Resource Locator
• DDOS - Distributed Denial-of-Service
• DSA - Digital Signature Algorithm
• DH - Diffie Hellman
• GUI - Graphical User Interface

CHAPTER 1

1. INTRODUCTION

1.1 FIRMWARE

Firmware is a software program or set of instructions programmed on a
hardware device. It provides the necessary instructions for how the device
communicates with the other computer hardware.

1.1.1 Firmware explained

It is programmed to give permanent instructions to communicate with other
devices. It also takes control over the other devices.

1.1.2 Threats to firmware

Some of the threats to firmware are:

• Maliciously crafted input buffer overflows to inject malware.
• Unauthorized access to sensitive data: disclosure of system management
  random access memory (SMRAM) contents.
• Insider threats: malicious and non-malicious.

1.1.3 Attacks using firmware

Some of the attacks using firmware are:

• Bricking a computer device by corrupting firmware code.
• Creating a DDOS attack by corrupting multiple systems.
• A PDOS (Permanent Denial of Service) attack by flashing network devices.

1.2 Elliptic Curve Cryptography

Elliptic curve cryptography is an approach to public-key cryptography based on
the algebraic structure of elliptic curves over finite fields. Elliptic curves are
applicable for key agreement, digital signatures, pseudo-random generators and
other tasks. They can be used for encryption by combining the key agreement
with a symmetric encryption scheme. They are also used in several integer
factorization algorithms based on elliptic curves that have applications in
cryptography, such as Lenstra elliptic curve factorization.

1.2.1 ECC advantages

Before ECC became popular, almost all public key algorithms were based on
RSA and alternative cryptosystems based on modular arithmetic. ECC produces
keys with sizes far smaller than RSA and other exponential encryption
algorithms. ECC thus has the capability of running faster than any other
algorithm, thus improving computation capabilities.

1.3 Scope:

The scope of the project is given below:

• Improve the security of the firmware updation process.
• Validate server and client before file transfer happens, with smaller key
  size transfers.
• Faster computation time of the authentication mechanism for implementing
  in embedded devices.

1.4 Existing Systems:

The existing authentication systems use the following mechanisms:

• Transfer and authentication of certificates for key exchanges, for
  establishing identity between server and client.
• Usage of RSA and other exponential based key authentication
  systems in authentication of server and client.

1.5 Advantages of proposed system:

The suggested system would improve the security of firmware updation and also
reduce computational overhead in performing authentication in resource-limited
conditions, such as in embedded devices and smart objects.

CHAPTER 2

2. LITERATURE SURVEY:

2.1 Secure Firmware Validation and Update for Consumer Devices in Home Networking

Authors: Byung-Chul Choi, Seoung-Hyeon Lee, Jung-Chan Na, and Jong-Hyouk Lee.

Description:

• Discusses the main threats to firmware, such as firmware alteration during
  firmware transfer to a remote host during updation.
• Discusses using a mutual key based authentication system for
  authenticating both the server and the client during firmware updation,
  thus forming the validation phase.
• Introduces a new architecture for transferring a firmware image from the
  server to the embedded device by placing a client node between the server
  and the devices at the end.

Advantages:

• Introduces a new client based architecture for remote firmware update
  validation by allowing both server and client to authenticate each other
  through transfer of keys.
• It then introduces the usage of hash chaining for transferring fragments of
  the same firmware image to the embedded devices.

Disadvantages:

• Does not explain any specific algorithm or the machine capabilities
  of the client for firmware exchange.
• Does not propose alternatives for loss of fragments during transfer of
  firmware to the embedded devices connected to the client.

2.2 A New Approach of Elliptic Curve Diffie-Hellman Key Exchange

Authors: Nissa Mehibel, M’hamed Hamadouche

Description:

• Discusses using elliptic curves for key exchange algorithms such as the
  Diffie-Hellman algorithm.
• This paper describes how Elliptic Curve Cryptosystem (ECC) schemes
  can be used as public-key mechanisms that provide encryption, digital
  signature and key exchange capabilities.
• Discusses in detail how Diffie-Hellman with ECC can be used for key
  exchange, with proof for the same.

Advantages:

• The Diffie-Hellman algorithm with ECC has smaller encrypted messages
  than existing exponential based encryption systems.
• Hence this algorithm would perform with much higher speeds than
  existing algorithms.
• The paper shows proof for the same with comparisons with other
  algorithms.

Disadvantages:

• Does not provide a basis for making the algorithm work in smaller systems
  such as IOT devices and so on.
• Discusses certificate transfer for choosing the curve and its
  parameters, and not its computational complexity, especially in
  minimal hardware situations.

2.3 An Elliptic Curve Authenticated Key Exchange Based Approach to Key Infrastructure

Authors: Praveen Koduri

Description:

• The paper discusses the complete key setup procedures and various
  scenarios describing how confidential communication is performed once
  the key has been set up and mutual authentication achieved.
• It introduces an elliptic curve analog to the existing Exponential
  Encrypted Key Exchange methods, with a view to optimizing such
  techniques for implementation.
• The complete scheme is described in two stages, namely:
  1) Key setup process
  2) Communicating using the key derived from the key setup process.

Advantages:

• Setting up key exchanges and authentication systems for mobile systems
  such as embedded systems and IOT devices is briefly explained.
• An implementation method called EC-EKE is used for setting up key
  exchanges with the user.

Disadvantages:

• The system proposes a shared key resource for minimising the load of
  computation on mobile devices.
• This will further create new threats for mobile device firmware and
  does not solve our problem statement.

2.4 Design of ECC based Authenticated Group Key Agreement Protocol Using Self-Certified Public Keys

Authors: Shalini Gupta, Abhimanyu Kumar, Nitin

Description:

• Self-certified public keys are proposed in this paper, and it describes how
  certificate management problems can be overcome by using these keys
  instead of transferring certificates for each setup.
• The proposed protocol also gives the Join and Leave procedures, which
  facilitate key updation on a change of group membership.
• Discusses performance improvements of the system from implementing this
  protocol.

Advantages:

• Uses ECC based encryption techniques, thus bringing their efficiency
  and small size to the protocol.
• Uses self-certified public keys, thus reducing the computational complexity
  of transferring certificates between server and client, and thus gives way
  for usage in minimal hardware environments.

Disadvantages:

• Does not describe the process of the join and leave procedures for group
  members for key sharing.
• The only limitation of this protocol is that the key updation cost of the leave
  procedure is not justified as compared to the initialization cost.

CHAPTER 3

REQUIREMENTS

3.1 HARDWARE REQUIREMENTS

• Hard Disk: 10 MB
• RAM: 1 MB
• Processor Speed: 1 MHz
• Keyboard: 14”

3.2 SOFTWARE REQUIREMENTS

• Operating System: Any Linux distribution
• Programming Language: Python
• Web-Page Language: HTML

CHAPTER 4

PROPOSED SYSTEM

The proposed system consists of a server and a client model that
authenticate each other through the ECC algorithm, and the client can act as a
manager that distributes the firmware image to the various IOT devices that are
connected to it.

4.1 SERVER

The server runs a program that is always waiting for connections from
multiple clients. Whenever a client connects to the server, the server sends a
passcode to the client for authentication and waits for the reply. Based on the
reply, the server informs the user whether the client is trustworthy or not.

If the client is authenticated, a passcode is received from the client side.
This passcode is converted to a signature using the ECC algorithm. This
signature is matched with the in-built passcode in the script.

When authenticated, the server sends the client the URL link that
contains the firmware image that the client requests.

4.2 CLIENT

The client has a program that runs only when the user at the client side
wishes to run it. The client program requests a connection to the server and
waits for the passcode. Once the passcode is received, the client side script
generates a signature using the ECC algorithm and authenticates it against its
in-built signature.

When the client authenticates the server, the client prompts the user to
type a passcode to be sent to the server for getting the firmware link.

Once authenticated, the client receives the downloadable link for the firmware
image, and the client side script automatically opens it in a new browser page
to be downloaded to the client side machine. The client can then distribute the
image to the various machines that are connected to it.

FIGURE 1: BLOCK DIAGRAM
(Components shown: server; firmware website hosted by the server;
client/manager; IOT devices. Steps shown: 1) client and server authenticate
each other through the ECC algorithm; 2) file transfer happens through an HTML
link; 3) the manager client distributes the file to the IOT devices.)

CHAPTER 5

DESIGN AND IMPLEMENTATION

The design phase consists of two parts:

1. Server side script
2. Client side script

5.1 SERVER SIDE SCRIPT

The server side script consists of various functions, namely the
ECC implementation, a passcode getting function and a passcode sharing
function. The server must also notify the user about the status of the passcode
sharing and authentication through a GUI that is easy to comprehend.

A desktop file to start the server side script is created in Linux, and
the user can start the server using this file. This file is made executable so that
the user can double-click to open the server. After opening the server, the
network connection function runs to establish a connection to the client.

Once a connection is established, the server prompts the user to
enter a passcode by opening a textbox with a submit button, as in the figure
shown below.

FIGURE-2

After the submit button is pressed, the server sends the passcode to
the client for authentication. Once the server receives a response, it
checks whether it is an error or not. If it is an error, it displays it
through a message box, as in the figure below.

FIGURE-3

If the client does not return an error, the server invokes the
verify_signature function in the script and checks for validity and
authenticity. If the signature matches, the server shows a dialog box
as shown below and sends a URL for the firmware image to the client.

FIGURE-4

If there is an error, it notifies the user about the error using the
same message box as in Figure-3 and exits. This is how the server side
script works.

5.2 CLIENT SIDE SCRIPT

The client side script consists of various functions, namely the
ECC implementation, a passcode getting function, a passcode sharing
function and a webpage/URL opening function. The client must also notify the
user about the status of the passcode sharing and authentication
through a GUI that is easy to comprehend, such as a textbox or a message box.

A desktop file to start the client side script is created in Linux, and
the user can start the client using this file. This file is made executable so that
the user can double-click to open the client. After opening the client, the
network connection function runs to establish a connection to the server by
sending a request to the server. Once the server accepts the request, it sends
the client a passcode that it got from the user.

The client side script invokes the verify_signature function and
checks the signature generated using the passcode against its in-built
signature. If the signature matches, the client side script prompts the user to
enter a passcode to be sent to the server side, through a text box shown in the
figure below.

FIGURE-5

After the submit button is pressed, the client sends the passcode to
the server for authentication. Once the client receives a response, it
checks whether it is an error or not. If it is an error, it displays it
through a message box, as in the figure below.

FIGURE-6

If the server does not return an error, the client invokes the open URL
function in the script. This opens a Mozilla Firefox browser and a new
tab for opening the URL. If a URL is received at the client side, then
mutual key authentication is completed and server and client are
validated.

Now a webpage, as shown in the figure below, is displayed to the user
with the downloadable link for the firmware image on a big blue button.
The user is given sufficient information in the webpage for downloading
the file.

FIGURE-7

This is how the client side script works and mutual key
authentication is done.

CHAPTER 6

CONCLUSION AND FUTURE SCOPE

The project focuses on creating a secure way of authenticating and
validating the server and client, and creates a secure way of transferring the
firmware image file to the client from the server. Usage of the ECC algorithm
for validating server and client provides great security, as the ECC algorithm
does not have the linear logarithmic problem and is not easily crackable like
RSA. Also, using the ECC algorithm has less overhead, as the key sizes are far
smaller compared to other key generating algorithms, and hence it is most
suitable for implementing in IOT devices and embedded systems. Thus a secure
way for firmware validation and updation is provided through this project.

Future work would be on creating a decentralised server for
distributing the downloaded image to the various IOT machines connected to the
client machine. For this, the InterPlanetary File System (IPFS) can be used, as
it is lighter in weight compared to existing servers and can be easily
implemented in embedded machines.

CHAPTER 7

REFERENCES

[1] Byung-Chul Choi, Seoung-Hyeon Lee, Jung-Chan Na, and Jong-Hyouk Lee,
“Secure Firmware Validation and Update for Consumer Devices in
Home Networking”, IEEE, 2018

[2] Nissa Mehibel, M’hamed Hamadouche, “A New Approach of Elliptic
Curve Diffie-Hellman Key Exchange”, IEEE, 2018

[3] Praveen Koduri, “An Elliptic Curve Authenticated Key Exchange Based
Approach To Key Infrastructure”, IEEE, 2017

[4] Shalini Gupta, Abhimanyu Kumar, Nitin, “Design of ECC based
Authenticated Group Key Agreement Protocol Using Self-Certified Public
Keys”, IEEE, 2017

[5] Balkis Bettoumi, Ridha Bouallegue, “Evaluation of Authentication Based
Elliptic Curve Cryptography in Wireless Sensor Networks in IoT
Context”, IEEE, 2017
