Journal of Innovation in Computer Science and Engineering
  • Year: 2014
  • Volume: 3
  • Issue: 2

Cryptography for Quality Assurance-An Implementation to Verify Authenticity and Integrity of Embedded System Test Reports

  • Author:
  • Sriharsa Mohapatra, Rupesh Kumar
  • Total Page Count: 7
  • Page Number: 1 to 7

R & D-Electronic Systems, Nuclear Power Corporation of India Ltd., (Hq), Anushaktinagar, Mumbai, India

*sriharsa@npcil.co.in

**rupesh@npcil.co.in

Online published on 27 June, 2017.

Abstract

The work presented here has been developed for quality assurance of embedded system test reports in Nuclear Power Corporation of India Limited, Mumbai. Embedded system test reports are generated by running test programs on embedded systems and are later verified. The requirement is to convey to the verifier whether the test report is authentic or tampered [1] [2]. The first of our implementation ensures the same using digital signature. However, the digital signature generating incurs significant processing load on embedded systems [6] [9]. Therefore, an alternative implementation has also been developed. It transfers (over TCP connection) the test report to a workstation as soon as the test report is generated. While transferring authenticity and integrity of the test report is verified using keyed Hashed Message Authentication Code (HMAC) [10]. HMAC incurs negligible processing load [11]. The HMAC uses a symmetric key that is formed dynamically mixing four different types of key seeds. This mixing is carried out according to predefined key mixing tables. Immediately after receiving the report, the workstation appends the digital signature to the report. To avoid practical constraints, library support and compatibility issues the entire implementation has been developed using C code. Further, these cyclic group cryptographic operations process big integers using decimal digits for ease of documenting, debugging and understanding.

Keywords

Client and server applications, Cryptography, Daffier Hellman key exchange, Digital signature, Hashed message Authentication code (HMAC), Network communication, Network threats, Quality assurance, Test report authenticity, Test report tampering detection, SHA hashing, Side channel attacks