Side-Channel Security on Key Exchange Protocol: Timing and Relay Attacks
Mohd Anuar Mat Isa, Habibah Hashim, Syed Farid Syed Adnan, Nur Nabila Mohamed, Yasin Fitri Alias
Abstract
The advancing of Key Exchange Protocol (KEP) is compulsory to secure the connected world via Internet of Thing (IoT), cryptocurrency and blockchain, virtual intelligent, smart computing etc. To address the security issues in the Internet based computing systems, this paper explores the side-channel security for KEP, namely timing and relay attacks. Nowadays, various KEP variances are used by internet protocol such as IKEv2/3. The purpose of KEP is to enable a secret key(s) sharing between two or more computing systems on unsecure network. Later, the secret key(s) is used to encrypt all data transmitted for online systems such as internet banking, cryptocurrency transaction, IoT services etc. The timing attack was addressed by an adversary model and security assumptions. The relay attack on KEP was tested by an experiment testbed between a key fob and car using Raspberry Pi and RF module. The experiment result has shown that the propagation delay of KEP on RF communication is increased by 100% for each relay node. If the KEP runtime is increased greater than 50%, the KEP authentication key should be discarded to prevent the attacker from gaining access to the car.
Keywords
side-channel attack; timing; relay; key exchange protocol; diffie-hellman
DOI:
http://doi.org/10.11591/ijeecs.v11.i2.pp688-695
Refbacks
- There are currently no refbacks.
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Indonesian Journal of Electrical Engineering and Computer Science (IJEECS)
p-ISSN: 2502-4752, e-ISSN: 2502-4760
This journal is published by the Institute of Advanced Engineering and Science (IAES) in collaboration with Intelektual Pustaka Media Utama (IPMU).
IJEECS visitor statistics