Implementation of Password Hashing on Embedded Systems with Cryptographic Acceleration Unit

In this modern world where the proliferation of electronic devices associated with the Internet of Things (IoT) grows day by day, security is an imperative issue. The criticality of the information linked to the various electronic devices connected to the Internet forces developers to establish protection mechanisms against possible cyber-attacks. When using computer equipment or servers, security mechanisms can be applied without having problems with the number of resources associated with this activity; the opposite is the case when implementing such mechanisms on embedded systems. The objective of this document is to implement password hashing on a FRDM-K82F development board with ARM® CortexTM-M4 processor. It describes the basic criteria necessary to aim at moderate levels of security in specific purpose applications; that can be developed taking advantage of the hardware cryptographic acceleration units that these embedded systems have. Performance analysis of the implemented hash function is also presented, considering the variation in the number of iterations performed by the development board. The validation of the correct functioning of the hashing scheme using the SHA256 algorithm is carried out by comparing the results obtained in real-time versus an application developed in Python software using the PyCryptodome library. Keywords—Cryptography; password hashing; embedded systems; cryptographic acceleration hardware; SHA-256


I. INTRODUCTION
One of the current priorities with the boom and great demand for devices associated with the Internet of Things (IoT) [1], in the face of multiple interconnectivity environments is security [2], [3]. While it is true that day by day the development of specific solutions or electronic control units associated with communication processes; establishes a great demand by this society interconnected to the web [4]; as developers, it must be considered that there are a wide variety of tools both software and hardware [5]; which allow to improve and optimize security against the handling of critical information [6], [7]. The possible vulnerability and impact on the integrity of the information make security a key point in any electronic development; thus, establishing a primordial factor in the selection criteria of the possible users of these technological solutions [8].
A fundamental characteristic that must be considered when implementing IoT on embedded systems is that most of these devices have limitations associated with computational power and speed [9], [10]. Although this could be a limitation when developing electronic control units with cryptographic functions [11]; many applications are being developed that make use of hardware coprocessors that facilitate the implementation of various cryptographic algorithms and hash functions [12], [13]. This allows the use of these embedded systems to be applied not only in encryption and decryption tasks [14], but also in hashing and authentication in complex environments with limited computing resources [15], [16]. The current literature shows us a great variety of security implementations on embedded systems in which performance analysis is performed for both symmetric and asymmetric algorithms [17], [18]; this shows us that cryptographic hardware continues in a constant process of evolution due to the great demand for efficient [19], reliable, portable [20], and secure IoT technological products [21].
In this complex scenario of IoT interconnectivity, some organizations have fallen prey to cyber-attacks in which they have been exposed thanks to vulnerabilities exploited by poor password protection practices. The exploitation of this vulnerability has managed to expose many user accounts and credentials; significantly affecting the reliability of the use of web applications and embedded solutions used in home automation and industrial areas [6], [12], [14]. One way to counteract this phenomenon and at the same time guarantee a high level of security related to user accounts is through the implementation of password hashing schemes (PHS) [13].
Considering the above, this work aims to show the implementation and validation of a password hashing on the FRDM-K82F embedded system. The document intends to develop in a simple and practical way a first approach to the use of Arm Mbed TLS libraries; thus, providing a basic and functional solution for those who make their first approach to the use of processors with cryptographic acceleration units. A performance analysis associated with the variation in the number of iterations used for the generated summary function is also shown.
This contribution is presented in the following sections, which are organized as follows: Section II describes the basic theoretical concepts associated with the use of embedded systems with cryptographic acceleration unit. Section III describes the implementation and development of the proposal. Section IV presents the results obtained, and finally, the conclusions and future work are presented in Section V.

II. METHODOLOGY
The constant evolution of digital devices in terms of their cryptographic modules has allowed a lot of opportunities; www.ijacsa.thesai.org associated with the linking of security parameters in the development of specific purpose applications. Using the FRDM-K82F development platform, a step-by-step implementation of password hashing is carried out, making use of the Cryptographic Acceleration Unit (CAU). The validation and verification of the SHA-256 algorithm and the respective results are performed by means of the Python PyCryptodome library; this to verify the correct operation of the proposed solution on the embedded system used.

A. Cryptographic Acceleration Unit
A wide variety of embedded systems can be found in the market that has this type of module incorporated in their architecture, see Fig. 1. In general, terms, the Cryptographic Acceleration Unit (CAU) is a ColdFire® coprocessor that is accessed by the CPU using specialized hardware operations [21], [22]. The purpose of this unit is to increase the performance of software-based hashing and encryption functions, thus guaranteeing acceleration and high performance when using algorithms such as DES, 3DES, AES, MD5, SHA, among others.
Also available are some Kinetis® MCU processors that have the memory-mapped cryptographic acceleration unit (mmCAU), a coprocessor that is connected to the processor's private peripheral bus (PPB), as shown in Fig. 2. These units are focused on improving the performance of software-based security encryption/decryption operations.

B. Password Hashing
One way to increase security in any communication and information transfer process associated with applications that link user accounts with their respective access passwords; is to move from storing passwords in plain text to using a hash function on the respective password, as shown in Fig. 3. A hash function makes it possible to encrypt a password by taking advantage of the fact that this type of algorithm; takes any size of data and converts it into a fixed length of information [13]. To be more precise, the aim is to make it impossible to recover the password from the generated hash.   As a good security practice, it is not recommended to store passwords in unencrypted text; since any attacker could access them and obtain all the information directly. By storing the hash of these passwords and taking advantage of the fact that these functions are not reversible, the security vulnerability of the respective system is significantly reduced. The validation process of this technique is simple; initially, the input data is taken, the same hash function is executed, and then it is analyzed if this result matches the information stored in the password store, see Fig. 4. www.ijacsa.thesai.org

III. IMPLEMENTATION
Initially, use is made of the PyCryptodome libraries, which is an autonomous package of low-level cryptographic primitives supported by Python. This software tool allows an external validation of the operation of the cryptographic process to be implemented. It can be said that first the operational validation of the process will be performed by means of software simulation; to later compare the results obtained with the implementation on hardware with the FRDM-K82F platform, see Fig. 5. As the fundamental objective of the application is to make use of the cryptographic acceleration unit (CAU) of the FRDM-K82F card; which has an ARM® Cortex®-M4 core running at up to 150 MHz, with KB256 of Flash and 256 KB of RAM. The source code is developed using the Mbed OS compiler, which provides a comprehensive SSL/TLS solution called Arm MbedTLS [24]. This library simplifies the integration of cryptographic solutions because it is compact and generic; it should be noted that it can only be used in ColdFire and Kinetis devices with CAU or mmCAU hardware coprocessors. The following encryption/decryption algorithms and hash functions can be used with this library: AES128, AES192, AES256, DES, 3DES, MD5, SHA1, and SHA256.
This implementation was carried out using the Mbed-Studio compiler; this has a large repository of examples associated with the security schemes [25]. It must be considered that at the moment of creating the source code and loading the libraries; the compiler must initially evaluate if the processor has the cryptographic acceleration unit required for the use of the respective libraries; based on this concept, some components of the source code would be as follows: #include "mbed.h" #include "mbedtls/sha256.h" /* SHA-256 only */ #include "mbedtls/md.h" /* generic interface */ #include < cstdio> #if DEBUG_LEVEL > 0 #include "mbedtls/debug.h" www.ijacsa.thesai.org #endif #include "mbedtls/platform.h" #include < string.h> The call to the Hash function is quite simple, the definition of the respective input and output variables must be considered; for this case it must be considered that the output associated to a SHA256 function is of 32 bytes, with respect to the input it must be remembered that it can be of any length. The parameters and input variables would be: static const char dato_input[] = "passwordHMA5m8k@q1$"; static const unsigned char *input_buffer = (const unsigned char *) dato_input; static const size_t dato_len = strlen(dato_input); With respect to the execution of the SHA function, four functional requirements must be considered. These are: Data buffer, buffer length, Output buffer and a parameter defining whether to use the full SHA-256 or the SHA-224 variant. In this case, this value must be 0 (to use SHA-256).

IV. RESULTS
To validate the effectiveness of the password hashing implementation on the selected hardware, we proceeded to compare the result obtained with the implementation done entirely on the PC using pyCryptodome, (see characteristics in Table I). The execution times were measured both in the PC implementation and in the embedded system, performing a variation between the number of iterations associated with the selected hash function.
As general concepts, a test password of 11 bytes in length was used, encrypted with a SHA256 algorithm (password + salt). The salt used was eight bytes long. For the information associated with the salt, a test constant was used and there was no code segment associated with its generation by the embedded system. The validation and verification were performed by comparing the output of the simulation performed in Python versus the result given by the serial port of the development board. Comparisons of up to 100,000 iterations were performed, demonstrating the full functionality of the implementation, see Fig. 6 and Fig. 7.

V. CONCLUSION AND FUTURE WORK
This document presents simply and easily a password hashing scheme that can be implemented on any embedded system with cryptographic acceleration hardware; it provides the key concepts so that people who are starting in the subject of embedded cryptography can begin to incorporate these security measures for their respective developments. It shows that it is possible to make use of a technological solution that offers a moderate level of security using electronic devices with limited computational resources. Although in most IoT applications, communication between devices is short term and there is not a high rate of information transfer; the protection of session passwords becomes a fundamental objective in terms of security. It is hoped that this type of examples will encourage developers to incorporate new methodologies for protecting information on the design of IoT devices.
As future work, we intend to develop specific application hardware to enable digital signatures by implementing hash functions and lightweight encryption algorithms.
ACKNOWLEDGMENT This work was supported by the Universidad Distrital Francisco José de Caldas, in part through CIDC, and partly by the Technological Faculty. The views expressed in this paper are not necessarily endorsed by the university. The authors thank the research group ARMOS for supporting the development of the code and the implementation on hardware.