A Secure TFTP Protocol with Security Proofs

Abstract: Advances in smart devices has witnessed major developments in many mobile applications such as Android applications. These smart devices normally interconnect to the internet using wireless technology and applications using the TFTP protocol among these wireless devices are becoming commonplace. In this work, we present an enhanced lightweight security protocol for smart device and server communications using Trivial File Transfer Protocol (TFTP). We suggest the use of lightweight symmetric encryption for data encryption and asymmetric encryption for key exchange protocols in TFTP. The target implementation of secure TFTP is for embedded devices such as Wi-Fi Access Points (AP) and remote Base Stations (BS). In this paper we present the security proofs based on an attack model (IND-CCA2) for securing TFTP protocol. We also present the security reduction of SSW-ARQ protocol from Cramer-Shoup encryption scheme and fixed-time side channel security. We have also introduced a novel adversary model in IND-CCA2-(SC-TA) and it is considered a practical model because the model incorporates the timing attack.