Secure Code Update for Embedded Devices via Proofs of Secure Erasure

Abstract. Remote attestation is the process of verifying internal state of a remote embedded device. It is an important component of many security protocols and applications. Although previously proposed re-mote attestation techniques assisted by specialized secure hardware are effective, they not yet viable for low-cost embedded devices. One no-table alternative is software-based attestation, that is both less costly and more efficient. However, recent results identified weaknesses in some proposed software-based methods, thus showing that security of remote software attestation remains a challenge. Inspired by these developments, this paper explores an approach that relies neither on secure hardware nor on tight timing constraints typi-cal of software-based technqiques. By taking advantage of the bounded memory/storage model of low-cost embedded devices and assuming a small amount of read-only memory (ROM), our approach involves a new primitive – Proofs of Secure Erasure (PoSE-s). We also show that, even though it is effective and provably secure, PoSE-based attestation is not cheap. However, it is particularly well-suited and practical for two other related tasks: secure code update and secure memory/storage erasure. We consider several flavors of PoSE-based protocols and demonstrate their feasibility in the context of existing commodity embedded devices.

Robust Detection of Malicious Nodes in Mobile Sensor Networks Using Software Attestation

In ad hoc and sensor networks, reputation-based trust management schemes have been widely used to identify the malicious nodes. These schemes leverage each node's behaviors for malicious node detection and thus require a certain amount of time to observe the behaviors of nodes. In mobile sensor networks, however, malicious nodes frequently move to different locations, and thus it is likely difficult to collect enough evidence for them. Moreover, when reputation-based schemes are employed, it is not easy to revoke the malicious nodes due to the risk of false positives. To mitigate these limitations of reputation-based schemes, we propose mobile malicious node detection schemes based on software attestation technique, which virtually fulfills zero false positives. In particular, we propose a probabilistic detection scheme in which each node attests its neighboring node with a certain probability. In order to reduce the attestation overhead of the probabilistic detection scheme, we also propose the SPRT (Sequential Probability Ratio Test) based detection scheme that uses the SPRT to determine when to perform the attestations. Through analysis and simulation, we show that our proposed schemes detect mobile malicious nodes through software attestations in robust and efficient manner

Improved Garbled Circuit Building Blocks and Applications to Auctions and Computing Minima

Abstract. We consider generic Garbled Circuit (GC)-based techniques for Secure Function Evaluation (SFE) in the semi-honest model. We describe efficient GC constructions for addition, subtraction, multiplication, and comparison functions. Our circuits for subtraction and comparison are approximately two times smaller (in terms of garbled tables) than previous constructions. This implies corresponding computation and communication improvements in SFE of functions using our efficient building blocks. The techniques rely on recently proposed “free XOR ” GC technique. Further, we present concrete and detailed improved GC protocols for the problem of secure integer comparison, and related problems of auctions, minimum selection, and minimal distance. Performance improvement comes both from building on our efficient basic blocks and several problemspecific GC optimizations. We provide precise cost evaluation of our constructions, which serves as a baseline for future protocols