Extending hybrid approach to secure Trivial File Transfer Protocol in M2M communication: a comparative analysis

Abstract

Embedded Machine-to-Machine (M2M) is one of the hottest research topics in recent industrial Internet of Things. In order to serve the communication to effectively transfer data and messages between machines, the system must incorporate a file transfer protocol, known as Trivial File Transfer Protocol (TFTP). However, the main constraint is lack of security mechanism during TFTP Client–Server communication whereby its reliability is questionable as the protocol does not support any authentication or encryption methods, also provide no access control and zero protection from Man-In-The-Middle. Hence, in order to enhance the protocol security, hybrid security approach combining Diffie Hellman Key Exchange (DHKE) scheme and Advanced Encryption Standard symmetric encryption algorithm are proposed to be integrated into TFTP packet header. In this work, we present a performance comparison of three different protocols: the original TFTP protocol, TFTP protocol with single security extension, and our proposed TFTP protocol integrated with hybrid security approach to analyse the effectiveness of the method. The finding demonstrates that our proposed secure TFTP protocol generates comparable execution time as when implementing single encryption option, also more reliable to be used in the commercial system especially for low-cost M2M embedded infrastructure.