Remote attestation for low-end embedded devices

Ferdinand Brasser, Kasper B. Rasmussen, Ahmad-Reza Sadeghi, Gene Tsudik
2016 Proceedings of the 53rd Annual Design Automation Conference on - DAC '16  
Security of embedded devices is a timely and important issue, due to the proliferation of these devices into numerous and diverse settings, as well as their growing popularity as attack targets, especially, via remote malware infestations. One important defense mechanism is remote attestation, whereby a trusted, and possibly remote, party (verifier) checks the internal state of an untrusted, and potentially compromised, device (prover). Despite much prior work, remote attestation remains a
more » ... nt research topic. However, most attestation schemes naturally focus on the scenario where the verifier is trusted and the prover is not. The opposite setting-where the prover is benign, and the verifier is malicious-has been side-stepped. To this end, this paper considers the issue of prover security, including: verifier impersonation, denial-of-service (DoS) and replay attacks, all of which result in unauthorized invocation of attestation functionality on the prover. We argue that protection of the prover from these attacks must be treated as an important component of any remote attestation method. We formulate a new roaming adversary model for this scenario and present the trade-offs involved in countering this threat. We also identify new features and methods needed to protect the prover with minimal additional requirements.
doi:10.1145/2897937.2898083 dblp:conf/dac/BrasserRST16 fatcat:zz4m2ies7vhq3lgghm56sn34dm