Palestra - Zero-Trust Secure Firmware Update for Distributed Embedded Devices
Critical infrastructure computing systems are part of the invisible layer of automation that keeps modern society functioning. We propose a Secure Firmware Update cryptosystem that addresses the strong hostile environments found in these critical infrastructure applications, including offline systems and systems operating in air-gapped networks. The cryptosystem is based on strong unforgeable compositions that are resilient to Chosen-Message Attacks (SUF-CMA), and use AEAD with Encrypt-then-Mac cipher structures to counter active Adversaries that have unlimited physical access to the system.
