Secure firmware validation and update for consumer devices in home networking

Choi, Byungchul; Lee, Seoung-Hyeon; Na, Jung-Chan; Lee, Jong‐Hyouk

doi:10.1109/tce.2016.7448561

Cited by 56 publications

(41 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Choi et al [8] studied firmware validation and upgrades for home networks. In their paper, the network architecture for the firmware upgrade consists of a firmware server; a home network manager, which is a router or WAP; and home network devices.…”

Section: Related Workmentioning

confidence: 99%

“…However, security issues are not considered or missed. The other approach uses improper assumptions, only suggesting protocols without any experiments [8,14,17].…”

Section: Related Workmentioning

confidence: 99%

“…In [14], they assumed a pre-shared key for symmetric encryption, but we utilize the ephemeral Diffie-Hellman key agreement protocol in TLS to agree on an encryption key [19]. Contrary to [8], we consider practical environments and assume that only the firmware server has a pair of public and private keys and correct certification. Furthermore, WAPs do not receive their key from the firmware server.…”

Section: Related Workmentioning

confidence: 99%

“…Then, S sends a server hello message We considered the ideal assumptions of previous works [8,12], i.e., that a pre-shared symmetric key exists and all servers and WAPs have a pair of public and private keys, from a practical point of view. A symmetric key is calculated by the ephemeral Diffie-Hellman key agreement protocol in the TLS protocol.…”

Section: Proposed Firmware Upgrade Protocolmentioning

confidence: 99%

“…USB devices, network interface cards, and batteries are also vulnerable to the same problem [5][6][7]. In addition, firmware modification attacks will become more popular because antivirus software and operating systems cannot reveal firmware-level exploits [8].…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Sustainable and Practical Firmware Upgrade for Wireless Access Point Using Password-Based Authentication

Jang

Jung

2016

Sustainability

View full text Add to dashboard Cite

Wireless access points (WAPs) are devices that provide Internet connectivity to devices such as desktops, laptops, smartphones, and tablets. Hence, it is important to provide sufficient availability to devices and security for the traffic that is routed by a WAP. However, attackers can decrease the network bandwidth or obtain the traffic including private data such as search histories, login information, and device usage patterns by exploiting the vulnerabilities in firmware upgrades to install malicious firmware. To address this problem, we propose a sustainable and practical firmware upgrade for a WAP using password-based authentication. The proposed upgrade protocol ensures security by adding freshness to the firmware whenever a firmware upgrade occurs. This freshness is different for each event and each firmware; therefore, even if the freshness of one firmware is exposed, the others are secure. In addition, confidentiality, integrity, and authentication are ensured. Furthermore, the proposed protocol can be easily implemented and adapted to WAPs. Experiments are performed to evaluate the upgrade time, resource usage, and code size in wired and wireless connected environments by implementing a prototype and analyzing the security of the protocol. The results show that the proposed upgrade is secure and practical.

show abstract

Section: Related Workmentioning

confidence: 99%

“…However, security issues are not considered or missed. The other approach uses improper assumptions, only suggesting protocols without any experiments [8,14,17].…”

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Proposed Firmware Upgrade Protocolmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Sustainable and Practical Firmware Upgrade for Wireless Access Point Using Password-Based Authentication

Jang

Jung

2016

Sustainability

View full text Add to dashboard Cite

show abstract

Smart Home Device Security: A Survey of Smart Home Authentication Methods with a Focus on Mutual Authentication and Key Management Practices

Raju¹,

Moh²

2022

Cybersecurity in Smart Homes

View full text Add to dashboard Cite

Lightweight and Privacy‐Preserving Authentication Protocol for Smart Village

Panigrahi,

Kumar

2024

Internet Technology Letters

View full text Add to dashboard Cite

Smart villages, utilizing digital technology, present a viable solution to address rural communities' needs, especially in developing countries. However, high infrastructure costs, informal economies, and governance issues pose significant challenges, impeding the realization of government aspirations for the smart village concept. This study focuses on preserving privacy and enhancing security within IoT‐enabled smart villages. We propose a lightweight, privacy‐preserving remote user authentication protocol utilizing geometric secret sharing to mitigate security vulnerabilities in resource‐constrained IoT devices. The protocol eliminates the need for traditional passwords and smart cards, reducing user burden and enhancing usability. Performance analysis and comparative evaluations, including power consumption, security features, and computational costs, demonstrate the efficacy and robustness of our protocol.

show abstract

Secure firmware validation and update for consumer devices in home networking

Cited by 56 publications

References 9 publications

Sustainable and Practical Firmware Upgrade for Wireless Access Point Using Password-Based Authentication

Sustainable and Practical Firmware Upgrade for Wireless Access Point Using Password-Based Authentication

Smart Home Device Security: A Survey of Smart Home Authentication Methods with a Focus on Mutual Authentication and Key Management Practices

Lightweight and Privacy‐Preserving Authentication Protocol for Smart Village

Contact Info

Product

Resources

About