A Scheme for the Generation of Strong ICMetrics Based Session Key Pairs for Secure Embedded System Applications

This paper presents a scheme for the generation of strong session based ICMetrics key pairs for security critical embedded system applications. ICMetrics generates the security attributes of the sensor node based on measurable hardware and software characteristics of the integrated circuit. In the proposed scheme a random session ID is assigned by a trusted party to each participating network entity, which remains valid for a communication session. Our work is based on the design of a key derivation function that uses an ICMetrics secret key and a session token assigned by the trusted party to derive strong cryptographic key pairs for each entity. These session tokens also serve the purpose of identification/authentication between the trusted parties and the respective nodes in each network. The main strength of our proposed scheme rests on the randomness feature incorporated via the random session ID's, which makes the generated strong private/public key pair highly resistant against exhaustive search and rainbow table attacks. Our proposed approach makes use of key stretching using random session tokens via SHA-2 and performs multiple iterations of the proposed key derivation function to generate strong high entropy session key pairs of sufficient length. The randomness of the assigned ID's and the session based communication hinders the attacker's ability to launch various sorts of cryptanalytic attacks, thereby making the generated keys very high in entropy. The randomness feature has also been very carefully tuned according to the construction principles of ICMetrics, so that it doesn't affect the original ICMetrics data. The second part of the proposed scheme generates a corresponding public session key by computing the Hermite Normal Form of the high entropy private session key.