3,388 research outputs found
ERASMUS: Efficient Remote Attestation via Self- Measurement for Unattended Settings
Remote attestation (RA) is a popular means of detecting malware in embedded
and IoT devices. RA is usually realized as an interactive protocol, whereby a
trusted party -- verifier -- measures integrity of a potentially compromised
remote device -- prover. Early work focused on purely software-based and fully
hardware-based techniques, neither of which is ideal for low-end devices. More
recent results have yielded hybrid (SW/HW) security architectures comprised of
a minimal set of features to support efficient and secure RA on low-end
devices.
All prior RA techniques require on-demand operation, i.e, RA is performed in
real time. We identify some drawbacks of this general approach in the context
of unattended devices: First, it fails to detect mobile malware that enters and
leaves the prover between successive RA instances. Second, it requires the
prover to engage in a potentially expensive (in terms of time and energy)
computation, which can be harmful for critical or real-time devices.
To address these drawbacks, we introduce the concept of self-measurement
where a prover device periodically (and securely) measures and records its own
software state, based on a pre-established schedule. A possibly untrusted
verifier occasionally collects and verifies these measurements. We present the
design of a concrete technique called ERASMUS : Efficient Remote Attestation
via Self-Measurement for Unattended Settings, justify its features and evaluate
its performance. In the process, we also define a new metric -- Quality of
Attestation (QoA). We argue that ERASMUS is well-suited for time-sensitive
and/or safety-critical applications that are not served well by on-demand RA.
Finally, we show that ERASMUS is a promising stepping stone towards handling
attestation of multiple devices (i.e., a group or swarm) with high mobility
PADS: Practical Attestation for Highly Dynamic Swarm Topologies
Remote attestation protocols are widely used to detect device configuration
(e.g., software and/or data) compromise in Internet of Things (IoT) scenarios.
Unfortunately, the performances of such protocols are unsatisfactory when
dealing with thousands of smart devices. Recently, researchers are focusing on
addressing this limitation. The approach is to run attestation in a collective
way, with the goal of reducing computation and communication. Despite these
advances, current solutions for attestation are still unsatisfactory because of
their complex management and strict assumptions concerning the topology (e.g.,
being time invariant or maintaining a fixed topology). In this paper, we
propose PADS, a secure, efficient, and practical protocol for attesting
potentially large networks of smart devices with unstructured or dynamic
topologies. PADS builds upon the recent concept of non-interactive attestation,
by reducing the collective attestation problem into a minimum consensus one. We
compare PADS with a state-of-the art collective attestation protocol and
validate it by using realistic simulations that show practicality and
efficiency. The results confirm the suitability of PADS for low-end devices,
and highly unstructured networks.Comment: Submitted to ESORICS 201
Remote attestation mechanism for embedded devices based on physical unclonable functions
Remote attestation mechanisms are well studied in the high-end computing environments; however, the same is not true for embedded devices-especially for smart cards. With ever changing landscape of smart card technology and advancements towards a true multi-application platform, verifying the current state of the smart card is significant to the overall security of such proposals. The initiatives proposed by GlobalPlatform Consumer Centric Model (GP-CCM) and User Centric Smart Card Ownership Model (UCOM) enables a user to download any application as she desire-depending upon the authorisation of the application provider. Before an application provider issues an application to a smart card, verifying the current state of the smart card is crucial to the security of the respective application. In this paper, we analyse the rationale behind the remote attestation mechanism for smart cards, and the fundamental features that such a mechanism should possess. We also study the applicability of Physical Unclonable Functions (PUFs) for the remote attestation mechanism and propose two algorithms to achieve the stated features of remote attestation. The proposed algorithms are implemented in a test environment to evaluate their performance. © 2013 The authors and IOS Press. All rights reserved
C-FLAT: Control-FLow ATtestation for Embedded Systems Software
Remote attestation is a crucial security service particularly relevant to
increasingly popular IoT (and other embedded) devices. It allows a trusted
party (verifier) to learn the state of a remote, and potentially
malware-infected, device (prover). Most existing approaches are static in
nature and only check whether benign software is initially loaded on the
prover. However, they are vulnerable to run-time attacks that hijack the
application's control or data flow, e.g., via return-oriented programming or
data-oriented exploits. As a concrete step towards more comprehensive run-time
remote attestation, we present the design and implementation of Control- FLow
ATtestation (C-FLAT) that enables remote attestation of an application's
control-flow path, without requiring the source code. We describe a full
prototype implementation of C-FLAT on Raspberry Pi using its ARM TrustZone
hardware security extensions. We evaluate C-FLAT's performance using a
real-world embedded (cyber-physical) application, and demonstrate its efficacy
against control-flow hijacking attacks.Comment: Extended version of article to appear in CCS '16 Proceedings of the
23rd ACM Conference on Computer and Communications Securit
FPGA based remote code integrity verification of programs in distributed embedded systems
The explosive growth of networked embedded systems has made ubiquitous and pervasive computing a reality. However, there are still a number of new challenges to its widespread adoption that include scalability, availability, and, especially, security of software. Among the different challenges in software security, the problem of remote-code integrity verification is still waiting for efficient solutions. This paper proposes the use of reconfigurable computing to build a consistent architecture for generation of attestations (proofs) of code integrity for an executing program as well as to deliver them to the designated verification entity. Remote dynamic update of reconfigurable devices is also exploited to increase the complexity of mounting attacks in a real-word environment. The proposed solution perfectly fits embedded devices that are nowadays commonly equipped with reconfigurable hardware components that are exploited to solve different computational problems
- …