Digital Forensics of Raspberry Pi Used for MITM

Gupta, Anoop; Desai, Aishwarya Ulhas; Sahai, Ankita

doi:10.1007/978-3-030-23547-5_8

Cited by 4 publications

(3 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…2) Cold Boot Attacks/Liquid Nitrogen Memory Analysis: Dynamic random-access memory (DRAMs) are assumed to lose their data as soon as the system shuts down, however, studies have shown that they are capable of preserving data for several seconds after power loss, with only a small portion of data being discarded [63]. There is evidence that such data preservation in DRAMs poses a security risk [64], since systems that rely on data encryption and passwords frequently store sensitive data in DRAM with the expectation that a restart or removal of the DRAM will delete the data.…”

Section: E Alternative Approaches To Breaking Encryptionmentioning

confidence: 99%

Systematic Literature Review of EM-SCA Attacks on Encryption

Zunaidi,

Sayakkara,

Scanlon

2024

Preprint

View full text Add to dashboard Cite

Cryptography has become an essential tool in information security, preserving data confidentiality, integrity, and availability. However, despite rigorous analysis, cryptographic algorithms may still be susceptible to attack when used on real-world devices. Side-channel attacks (SCAs) are physical attacks that target cryptographic equipment through quantifiable phenomena such as power consumption, operational times, and EM radiation. These attacks are considered to be a significant threat to cryptography since they compromise the integrity of the algorithm by obtaining the internal cryptographic key of a device by seeing its physical implementation. The literature on SCAs has focused on real-world devices, yet with the growing popularity of sophisticated devices like smartphones, fresh approaches to SCAs are necessary. One such approach is electromagnetic side-channel analysis (EM-SCA), which gathers information by listening to electromagnetic (EM) radiation. EM-SCA has been demonstrated to recover sensitive data like encryption keys and has the potential to identify malicious software, retrieve data, and identify program activity. This study aims to evaluate how well EM-SCA compromises encryption under various application scenarios, as well as examine the role of EM-SCA in digital forensics and law enforcement. Regarding this, addressing the susceptibility of encryption algorithms to EM-SCA approaches can provide digital forensic investigators with the tools they desire to overcome the challenges posed by strong encryption, allowing them to continue playing a crucial role in law enforcement and the justice system. Furthermore, this paper seeks to define the current state of EM-SCA in terms of attacking encryption, the encryption algorithms and encrypted devices that are most vulnerable and resistant to EM-SCA, and the most promising EM-SCA on encryption approaches. This study will provide a comprehensive analysis of EM-SCA in the context of law enforcement and digital forensics and point towards potential directions for further research.

show abstract

Section: E Alternative Approaches To Breaking Encryptionmentioning

confidence: 99%

Systematic Literature Review of EM-SCA Attacks on Encryption

Zunaidi,

Sayakkara,

Scanlon

2024

Preprint

View full text Add to dashboard Cite

show abstract

“…A Raspberry Pi‐based adversary model is proposed by Gupta et al. [29] for demonstrating MITM attack. They have created a rogue wireless access point that captures critical user information.…”

Section: Related Workmentioning

confidence: 99%

“…They have executed their work for different machine learning algorithms for three kinds of cyber-attacks to verify the system's best option. A Raspberry Pi-based adversary model is proposed by Gupta et al [29] for demonstrating MITM attack. They have created a rogue wireless access point that captures critical user information.…”

Section: Kali Linux-based Real-time Attack Modelsmentioning

confidence: 99%

DEC‐LADE: Dual elliptic curve‐based lightweight authentication and data encryption scheme for resource constrained smart devices

Rao

Prema

2021

IET Wireless Sensor Systems

View full text Add to dashboard Cite

The fast growth in Internet‐of‐Things (IoT) applications has increased the number of end‐devices communicating over the Internet. As these resource‐constrained devices are connected over the Internet, they are exposed to various security and privacy issues. Traditionally, to provide end‐to‐end security, research efforts have been carried out using elliptic curve cryptography‐based authentication schemes. These existing schemes use a single set of elliptic curve parameters to generate the public and private keys, which are prone to be hacked under intense cryptanalysis. Thereby to increase the security strength the proposed method uses two sets of dynamic elliptic curves for performing digital signature and encryption processes. The method is evaluated on a client‐server model using the Raspberry Pi‐3 device. Herein, the choice of elliptic curves is made random at the client node and the reference of each elliptic curve is exchanged with the server during the key‐exchange process. The choice of elliptic curves is delegated to the client machine to avoid the unwanted delay that would be encounter if server had to choose the curve. This is done because the client senses the data at regular intervals of time and forwards it to the server securely. Experiments were conducted to measure the time taken for hashing function, key generation, signature generation, signature verification, encryption and decryption process. On comparing the proposed DEC‐LADE with cBLAKE2b, an improvement was seen at 13.76%, 2.57%, 18.36%, 6.12%, 9.91% and 6.08% less time, respectively, than LWDSA with mBLAKE2b. Theoretical and real‐time security evaluations are performed for man‐in‐the‐middle attack, replay attack, and a denial‐of‐service attack.

show abstract