
ERASMUS: Efficient Remote Attestation via Self-Measurement for Unattended Settings [article]

Xavier Carpent, Norrathep Rattanavipanon, Gene Tsudik
2017 arXiv   pre-print
We present the design of a concrete technique called ERASMUS: Efficient Remote Attestation via Self-Measurement for Unattended Settings, justify its features and evaluate its performance.  ...  Remote attestation (RA) is a popular means of detecting malware in embedded and IoT devices.  ...  To address these issues, we design ERASMUS: Efficient Remote Attestation via Self-Measurement for Unattended Settings. ERASMUS is based on self-measurements.  ...
arXiv:1707.09043v1 fatcat:6zeinja6c5e45almv3u3kbxtxm

SEDAT: Security Enhanced Device Attestation with TPM2.0 [article]

Avani Dave, Monty Wiseman, David Safford
2021 arXiv   pre-print
This paper presents SEDAT, a novel methodology for remote attestation of the device via a security enhanced communication channel. SEDAT performs hardware, firmware, and software attestation.  ...  Remote attestation is one of the ways to verify the state of an untrusted device.  ...  RV to capture the state of a potentially untrusted remote device. Essentially, RV measures and takes hash of the software running on the RP, transfers it to itself and matches to the golden measurement  ...
arXiv:2101.06362v1 fatcat:pae52saonzhcjalygelobkthni

Reactive Attestation

Alessio Viticchié, Cataldo Basile, Andrea Avancini, Mariano Ceccato, Bert Abrath, Bart Coppens
2016 Proceedings of the 2016 ACM Workshop on Software PROtection - SPRO '16  
In the present paper, we propose a novel approach to antitampering that (i) fully automatically applies to a target program, (ii) uses Remote Attestation for detection purposes and (iii) adopts a server-side  ...  By means of Client/Server Code Splitting, a crucial part of the program is removed from the client and executed on a remote trusted server in sync with the client.  ...  Moreover, a self-protecting trust base behaves as a root of trust and is used by the attestation manager to certify its integrity measurements.  ... 
doi:10.1145/2995306.2995315 dblp:conf/ccs/ViticchieBACAC16 fatcat:55twfkwmz5aq7fumjlvdmlkkci

Remote Attestation Mechanism for User Centric Smart Cards Using Pseudorandom Number Generators [chapter]

Raja Naeem Akram, Konstantinos Markantonakis, Keith Mayes
2013 Lecture Notes in Computer Science  
Finally, the attestation protocol is informally analysed, and its test implementation and performance measurements are presented.  ...  This is followed by the rationale behind the changes to the traditional smart card architecture to accommodate the remote security assurance and validation mechanism.  ...  Furthermore, we have opted out of having execution measurement as part of the attestation process as it is difficult to ascertain the trustworthiness of the remote device that measures it.  ...
doi:10.1007/978-3-319-02726-5_12 fatcat:3ukew72nhvemdidxdonj3jg2oy

Secure Code Update for Embedded Devices via Proofs of Secure Erasure [chapter]

Daniele Perito, Gene Tsudik
2010 Lecture Notes in Computer Science  
Remote attestation is the process of verifying internal state of a remote embedded device. It is an important component of many security protocols and applications.  ...  However, recent results identified weaknesses in some proposed methods, thus showing that security of remote software attestation remains a challenge.  ...  Attestation based on self-modifying code: [28] proposed to use a distinct attestation routine for each attestation instance.  ... 
doi:10.1007/978-3-642-15497-3_39 fatcat:cyzd6zaoyfbijfwmspomhj2iaq

Remote Attestation: A Literature Review [article]

Alexander Sprogø Banks, Marek Kisiel, Philip Korsholm
2021 arXiv   pre-print
Remote attestation (RA) is a distinct security service that allows a remote verifier to reason about the state of an untrusted remote prover (device).  ...  Paradigms of remote attestation span from exclusively software, in software-based attestation, to exclusively hardware-based.  ...  ERASMUS [19] is an RA protocol that utilizes periodical self-measurement of Prover. Verifier then collects and verifies the measurements of Prover.  ...
arXiv:2105.02466v2 fatcat:wpzlezruovat5c35b465xkzb44

On the TOCTOU Problem in Remote Attestation [article]

Ivan De Oliveira Nunes, Sashidhar Jakkamsetti, Norrathep Rattanavipanon, Gene Tsudik
2021 arXiv   pre-print
We propose Remote Attestation with TOCTOU Avoidance (RATA): a provably secure approach to address the RA TOCTOU problem.  ...  Consecutive Self-Measurements RA schemes based on consecutive self-measurements [12, 26] attempt to detect transient malware that comes and goes between two successive RA measurements.  ...  RA (7) As discussed above, guaranteed detection of transient malware via consecutive self-measurements requires that: < Adv (8) where Adv is the hypothetical number of instruction cycles used by the fastest  ... 
arXiv:2005.03873v2 fatcat:oewjkublwfgzpl4h773d5lu5q4

OAT: Attesting Operation Integrity of Embedded Devices [article]

Zhichuang Sun, Bo Feng, Long Lu, Somesh Jha
2019 arXiv   pre-print
We then design and build a system, OAT, that enables remote OEI attestation for ARM-based bare-metal embedded devices.  ...  OAT uses a new control-flow measurement scheme, which enables light-weight and space-efficient collection of measurements (97% space reduction from the trace-based approach).  ...  " (i.e., a self-contained task or logic).  ... 
arXiv:1802.03462v3 fatcat:u3ogiw5tpreebnt5skmzshjo2i

A Survey on Hardware Approaches for Remote Attestation in Network Infrastructures [article]

Ioannis Sfyrakis, Thomas Gross
2020 arXiv   pre-print
Remote attestation schemes have been utilized for assuring the integrity of a network node to a remote verifier.  ...  In this report, we focus on remote attestation schemes that use a hardware device and cryptographic primitives to assist with the attestation of nodes in a network infrastructure.  ...  Efficient Remote Attestation via Self-Measurement for Unattended Settings (ERASMUS) [24, 25] is a remote attestation scheme that is based on the notion of self-measuring the software code of provers  ...
arXiv:2005.12453v3 fatcat:kjyi2rohtzgxxepbvsodlbygnm

Building secure distributed applications the DECENT way [article]

Haofan Zheng, Owen Arden
2020 arXiv   pre-print
Remote attestation (RA) authenticates code running in trusted execution environments (TEEs), allowing trusted code to be deployed even on untrusted hosts.  ...  Decent applications authenticate and authorize distributed enclave components using a protocol based on self-attestation certificates, a reusable credential based on RA and verifiable by a third party.  ...  We call this process "self-attestation" because the host of the component plays the role of the remote verifier in the protocol.  ...
arXiv:2004.02020v2 fatcat:ntmx4fd67zdj5iw5rdvycvl3qy

Integrating Remote Attestation with Transport Layer Security [article]

Thomas Knauth, Michael Steiner, Somnath Chakrabarti, Li Lei, Cedric Xing, Mona Vij
2019 arXiv   pre-print
Ultimately, remote attestation will result in an attested secure channel to provision secrets to the enclave.  ...  We seamlessly combine Intel SGX remote attestation with the establishment of a standard Transport Layer Security (TLS) connection. Remote attestation is performed during the connection setup.  ...  LIMITATIONS AND EXTENSIONS We discuss limitations and considerations when pursuing seamless attestation via extended X.509 certificates. Non-standard X.509 extensions.  ... 
arXiv:1801.05863v2 fatcat:mrbwnog7rrhtzeewhegc57v4by

Intel SGX Enabled Key Manager Service with OpenStack Barbican [article]

Somnath Chakrabarti, Brandon Baker, Mona Vij
2017 arXiv   pre-print
We extend OpenStack Barbican API to support attestation of an Intel SGX crypto plugin, to allow clients higher confidence in the software they are using for storing keys.  ...  In addition, the API provides support for mutual attestation for Intel SGX enabled clients, multi-user key distribution, and extensions for protecting the confidentiality and integrity of the backend database  ...  Secret Management All secrets sent to the Barbican server via an Intel® SGX aware client require an SK (session key) be negotiated via either RA (remote attestation) or MA (mutual attestation) to protect  ... 
arXiv:1712.07694v1 fatcat:43qe52kc2ja7ne4l5pcvmzrghe

Security verification of hardware-enabled attestation protocols

Tianwei Zhang, Jakub Szefer, Ruby B. Lee
2012 2012 45th Annual IEEE/ACM International Symposium on Microarchitecture Workshops  
Attestation is an important and interesting new requirement for having trust in a remote computer, e.g., in a cloud computing scenario.  ...  We use attestation protocols proposed by different hardware security architectures as examples of such essential aspects.  ...  All three protocols deliver attestation measurements to a remote customer.  ... 
doi:10.1109/microw.2012.16 dblp:conf/micro/ZhangSL12 fatcat:gw6ploc6cvhkfbe67igl6euk4e

Principles of remote attestation

George Coker, Joshua Guttman, Peter Loscocco, Amy Herzog, Jonathan Millen, Brian O'Hanlon, John Ramsdell, Ariel Segall, Justin Sheehy, Brian Sniffen
2011 International Journal of Information Security  
We illustrate how to acquire evidence from a running system, and how to transport it via protocols to remote appraisers. We propose an architecture for attestation guided by these principles.  ...  Remote attestation is the activity of making a claim about properties of a target by supplying evidence to an appraiser over a network.  ...  A remote party must be able to trigger measurement; it is insufficient to only have runtime measurement occur via periodic automatic remeasurement triggered by the measurement system or tools.  ... 
doi:10.1007/s10207-011-0124-7 fatcat:ljsl65m5cbhdjhkeaaao2dsbzu

A TPM-enabled remote attestation protocol (TRAP) in wireless sensor networks

Hailun Tan, Wen Hu, Sanjay Jha
2011 Proceedings of the 6th ACM workshop on Performance monitoring and measurement of heterogeneous wireless and wired networks - PM2HW2N '11  
In this paper, we propose and implement a remote attestation protocol for detecting unauthorized tampering in the application codes running on sensor nodes with the assistance of Trusted Platform Modules  ...  Specifically, we present a hardware-based remote attestation protocol, discuss the potential attacks an adversary could launch against the protocol, and provide comprehensive system performance results  ...  The most straightforward detection measure is remote attestation, whose aim is to verify the program flash memory of the sensor nodes.  ... 
doi:10.1145/2069087.2069090 fatcat:fx2eofc2sjcdfgnlzgd2eskday