TU Darmstadt / ULB / TUbiblio

Remote Attestation for Low-End Embedded Devices: the Prover's Perspective

Brasser, Ferdinand ; Rasmussen, Kasper ; Sadeghi, Ahmad-Reza ; Tsudik, Gene :
Remote Attestation for Low-End Embedded Devices: the Prover's Perspective.
In: DAC '16 . ACM
[Konferenz- oder Workshop-Beitrag], (2016)

Kurzbeschreibung (Abstract)

Security of embedded devices is a timely and important issue, due to their proliferation into numerous and diverse settings, and growing popularity of these devices as attack targets, especially via remote malware infestations. One important defense mechanism is attestation, whereby a trusted, and possibly remote, party (verifier) checks the internal state of an untrusted, and potentially compromised, device (prover).Despite much prior work, attestation remains a vibrant research topic. However, most attestation schemes naturally focus on the scenario where the verifier is trusted and the prover is not. The opposite setting - where the prover is benign, and the verifier is malicious - has not received any attention. This paper considers this important issue of prover security, including: verifier impersonation, denial-of-service (DoS) and replay attacks, all of which allow the adversary to incapacitate the prover at a critical moment. We argue that protection of the prover from these attacks must be treated as an important component of any remote attestation method. We formulate a new roaming adversary model for this scenario and present the trade offs involved in countering this threat. We also identify new features and methods needed to protect the prover with minimal additional requirements.

Typ des Eintrags: Konferenz- oder Workshop-Beitrag (Keine Angabe)
Erschienen: 2016
Autor(en): Brasser, Ferdinand ; Rasmussen, Kasper ; Sadeghi, Ahmad-Reza ; Tsudik, Gene
Titel: Remote Attestation for Low-End Embedded Devices: the Prover's Perspective
Sprache: Deutsch
Kurzbeschreibung (Abstract):

Security of embedded devices is a timely and important issue, due to their proliferation into numerous and diverse settings, and growing popularity of these devices as attack targets, especially via remote malware infestations. One important defense mechanism is attestation, whereby a trusted, and possibly remote, party (verifier) checks the internal state of an untrusted, and potentially compromised, device (prover).Despite much prior work, attestation remains a vibrant research topic. However, most attestation schemes naturally focus on the scenario where the verifier is trusted and the prover is not. The opposite setting - where the prover is benign, and the verifier is malicious - has not received any attention. This paper considers this important issue of prover security, including: verifier impersonation, denial-of-service (DoS) and replay attacks, all of which allow the adversary to incapacitate the prover at a critical moment. We argue that protection of the prover from these attacks must be treated as an important component of any remote attestation method. We formulate a new roaming adversary model for this scenario and present the trade offs involved in countering this threat. We also identify new features and methods needed to protect the prover with minimal additional requirements.

Buchtitel: Proceedings of the 53nd Annual Design Automation Conference
Reihe: DAC '16
Verlag: ACM
Freie Schlagworte: ICRI-SC;STC Secure and Trustworthy Systems;S2;Secure Things;Security
Fachbereich(e)/-gebiet(e): 20 Fachbereich Informatik
20 Fachbereich Informatik > Systemsicherheit
DFG-Sonderforschungsbereiche (inkl. Transregio)
DFG-Sonderforschungsbereiche (inkl. Transregio) > Sonderforschungsbereiche
Profilbereiche
Profilbereiche > Cybersicherheit (CYSEC)
LOEWE
LOEWE > LOEWE-Zentren
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
DFG-Sonderforschungsbereiche (inkl. Transregio) > Sonderforschungsbereiche > SFB 1119: CROSSING – Kryptographiebasierte Sicherheitslösungen als Grundlage für Vertrauen in heutigen und zukünftigen IT-Systemen
Hinterlegungsdatum: 04 Aug 2016 10:13
ID-Nummer: TUD-CS-2016-0048
Export:

Optionen (nur für Redakteure)

Eintrag anzeigen Eintrag anzeigen