Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
158 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
45 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Attestation with Constrained Relying Party (2312.08903v1)

Published 14 Dec 2023 in cs.CR

Abstract: Allowing a compromised device to receive privacy-sensitive sensor readings, or to operate a safety-critical actuator, carries significant risk. Usually, such risks are mitigated by validating the device's security state with remote attestation, but current remote attestation protocols are not suitable when the beneficiary of attestation, the relying party, is a constrained device such as a small sensor or actuator. These devices typically lack the power and memory to operate public-key cryptography needed by such protocols, and may only be able to communicate with devices in their physical proximity, such as with the controller whose security state they wish to evaluate. In this paper, we present a remote platform attestation protocol suitable for relying parties that are limited to symmetric-key cryptography and a single communication channel. We show that our protocol, including the needed cryptography and message processing, can be implemented with a code size of 6 KB and validate its security via model checking with the ProVerif tool.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (31)
  1. 3GPP (2023). Security architecture and procedures for 5G system. Technical Specification TS 33.501 V18.2.0, 3GPP.
  2. Symbolic modelling of remote attestation protocols for device and app integrity on Android. In Proceedings of the 2023 ACM on Asia Conference on Computer and Communication Security, ASIA CCS’23, pages 218–231, New York, NY, USA. Association for Computer Machinery.
  3. SIMPLE: A remote attestation approach for resource-constrained IoT devices. In 2020 ACM/IEEE 11th International Conference on Cyber-Physical Systems (ICCPS), pages 247–258.
  4. SlimIOT: Scalable lightweight attestation protocol for the internet of things. In 2018 IEEE Conference on Dependable and Secure Computing (DSC). IEEE.
  5. Remote attestation procedures (RATS) architecture. RFC 9334.
  6. Proverif 2.00: automatic cryptographic protocol verifier, user manual and tutorial. Version from, pages 05–16.
  7. Terminology for constrained-node networks. RFC 7228.
  8. Concise binary object representation (CBOR). RFC 8949.
  9. Principles of remote attestation. International Journal of Information Security, 10:63–81.
  10. ProximiTEE: Hardened SGX attestation by proximity verification. In Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy, CODASPY ’20, page 5–16, New York, NY, USA. Association for Computing Machinery.
  11. On the security of public key protocols. IEEE Transactions on Information Theory, 29:198–208.
  12. AAoT: Lightweight attestation and authentication for low-resource things in IoT and CPS. Computer Networks, 134:167–182.
  13. EAT Attestation Results. https://www.ietf.org/archive/id/draft-fv-rats-ear-01.html. Last Accessed: 17-07-2023.
  14. Hardware platform security for mobile devices. Foundations and Trends in Privacy and Security, 3:214–394.
  15. A TOUCTOU attack on DICE attestation. In CODASPY’22: Proceedings of the Twelft ACM Conference on Data and Application Security and Privacy, pages 226–235, New York, NY, USA. Association for Computing Machinery.
  16. Intel (2017). TinyCrypt Cryptographic Library. https://github.com/intel/tinycrypt.
  17. Rolling DICE: Lightweight remote attestation for COTS IOT hardware. In ARES’17: Proceedings of the 12th International Conference on Availability, Reliability and Security, ARES ’17, New York, NY, USA. Association for Computing Machinery.
  18. A taxonomy and review of remote attestation schemes in embedded systems. IEEE Access, 9:142390–14210.
  19. SCAPI: A scalable attestation protocol to detect software and physical attacks. In Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks, pages 75–86.
  20. LegIoT: Ledgered trust management platform for IoT. In Computer Security – ESORICS 2020, pages 377–396, Cham. Springer International Publishing.
  21. Trusted Sockets Layer: A TLS 1.3 based trusted channel protocol. In Tuveri, N., editor, Secure IT Systems: 26th Nordic Conference, NordSec 2021, Lecture Notes in Computer Science, pages 175–191, Cham. Springer International Publishing.
  22. Platform attestation in consumer devices. In 2023 33rd Conference of Open Innovations Association (FRUCT), pages 198–209. IEEE.
  23. Towards interoperable enclave attestation: Learnings from decades of academic work. In 2022 31st Conference of Open Innovations Association (FRUCT), pages 189–200. IEEE.
  24. Nordic Semiconductor (2023). nRF5340 DK. https://www.nordicsemi.com/Products/Development-hardware/nRF5340-DK. Last Accessed: 17-07-2023.
  25. Parno, B. (2008). Bootstrapping trust in a “trusted” platform. In Proceedings of the 3rd Conference on Hot Topics in Security, HOTSEC’08, USA. USENIX Association.
  26. Rescorla, E. (2018). The Transport Layer Security (TLS) Protocol version 1.3. RFC 8446.
  27. A lightweight remote attestation using PUFs and hash-based signatures for low-end IoT devices. Future Generation Computer Systems, 148:425–435.
  28. Lightweight remote attestation using physical functions. In WiSec’11: Proceedings of the fourth ACM conference on Wireless network security, pages 109–114. ACM.
  29. Segall, A. (2017). Trusted Platform Modules: Why, when and how to use them. Institution of Engineering and Technology, London, United Kingdom.
  30. TCG (2021). DICE Attestation Architecture. Trusted Computing Group. Version 1.0, revision 0.23.
  31. Zephyr (2023). Bluetooth: IPSP Sample. https://docs.zephyrproject.org/latest/samples/bluetooth/ipsp/README.html. Last Accessed: 17-07-2023.

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now