[Studies in Computational Intelligence 481] Artur Babiarz, Robert Bieda, Karol Jędrasiak, Aleksander Nawrat (auth.), Aleksander Nawrat, Zygmunt Kuś (eds.) - Vision Based Systemsfor UAV Applications (2013, Sprin
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
252 K. Daniec et al.<br />
by the ability to generate arbitrarily long str<strong>in</strong>g of blocks (keystream). In order to<br />
generate it, it is required a key and a nonce value (the value for a s<strong>in</strong>gle call). The<br />
resultant sequence of blocks is used to convert non-confidential data to an encrypted<br />
form by a simple transformation of the XOR between the pla<strong>in</strong>text block and the<br />
block of keystream. In the case of a length not a multiple of the block, one can leave<br />
the appropriate number of bytes <strong>in</strong> the stream key, because it does not <strong>in</strong>terfere with<br />
the possibility to decrypt the data. Due to the advantages of CTR: No need for a decod<strong>in</strong>g<br />
function, no need for padd<strong>in</strong>g, and a large freedom <strong>in</strong> the implementation, it<br />
was decided that other modes are no needed.<br />
Due to the symmetry of the encod<strong>in</strong>g and decod<strong>in</strong>g operations <strong>in</strong> the CTR<br />
mode a s<strong>in</strong>gle crypto_encproc function was implemented <strong>in</strong> the hardware. The<br />
function parameters are block of data of any length, the encryption key, the size of<br />
the header and the unique value NOONCE. Inside the function crypto_encproc a<br />
key stream is generated. The <strong>in</strong>put to the cipher are 16-byte blocks <strong>in</strong> which the<br />
first 4 bytes of a given nonce value stored <strong>in</strong> the byte order from the youngest,<br />
then it is from 0 to 8 bytes of the packet header, completed to 8 bytes of zeros<br />
followed by four bytes describ<strong>in</strong>g the shift of the first byte <strong>in</strong> the packet, which<br />
will be covered by the block. By design, the header is no longer than 8 bytes. All<br />
cryptographic keys used by the hardware are 256 bits (32 bytes).<br />
The second most important function <strong>in</strong> the whole system is a hash function. It is<br />
necessary because of the need to generate and verify the HMAC <strong>auth</strong>oriz<strong>in</strong>g the<br />
values for all packages, and for the separation of certa<strong>in</strong> parts of the system.<br />
The hash function used was SHA-256. It maps a block of data of any length <strong>in</strong><br />
a short fixed length of 256 bits (32 bytes). Function selection was dictated by the<br />
current state of knowledge about the safety of different hash function, the size of<br />
the hash has been chosen to equal the length of the key <strong>in</strong> the encryption algorithm,<br />
mak<strong>in</strong>g it possible to easily implement certa<strong>in</strong> procedures for the compilation<br />
of the connection between the devices.<br />
The primary use of the hash function is to determ<strong>in</strong>e the value of <strong>auth</strong>oriz<strong>in</strong>g<br />
for packages. The <strong>auth</strong>orization allows to detect falsification of data and prevents<br />
an attacker to set own packages without know<strong>in</strong>g the correct keys.<br />
Computation of the value of an <strong>auth</strong>oriz<strong>in</strong>g mechanism was implemented with<strong>in</strong><br />
the function crypto_<strong>auth</strong>proc:<br />
HMAC (key, nonce, msg): = H (key | | H (key | | nonce | | msg) | | NOONCE)<br />
Where H () represents a s<strong>in</strong>gle calculation us<strong>in</strong>g the hash function, | | means concatenation<br />
of data blocks. Us<strong>in</strong>g the key <strong>in</strong> the HMAC function ensures that the<br />
attacker is not able to generate the correct value of an <strong>auth</strong>oriz<strong>in</strong>g, because they do<br />
not have complete <strong>in</strong>formation required to calculate the correct hash function<br />
value.<br />
Dual use of hash function is to elim<strong>in</strong>ate certa<strong>in</strong> defects, which derives from the<br />
hash function SHA-256. In case of s<strong>in</strong>gle call, the attacker would have not access<br />
to the <strong>auth</strong>oriz<strong>in</strong>g value, but he would be able to generate the correct value for the<br />
extended package on the basis of acquired basic package. In order to prevent this,<br />
the result of the <strong>in</strong>ternal hash function is additionally mixed with a key. This