Brasser, Ferdinand ; Rasmussen, Kasper ; Sadeghi, Ahmad-Reza ; Tsudik, Gene (2016)
Remote Attestation for Low-End Embedded Devices: the Prover's Perspective.
Conference or Workshop Item, Bibliographie
Abstract
Security of embedded devices is a timely and important issue, due to their proliferation into numerous and diverse settings, and growing popularity of these devices as attack targets, especially via remote malware infestations. One important defense mechanism is attestation, whereby a trusted, and possibly remote, party (verifier) checks the internal state of an untrusted, and potentially compromised, device (prover).Despite much prior work, attestation remains a vibrant research topic. However, most attestation schemes naturally focus on the scenario where the verifier is trusted and the prover is not. The opposite setting - where the prover is benign, and the verifier is malicious - has not received any attention. This paper considers this important issue of prover security, including: verifier impersonation, denial-of-service (DoS) and replay attacks, all of which allow the adversary to incapacitate the prover at a critical moment. We argue that protection of the prover from these attacks must be treated as an important component of any remote attestation method. We formulate a new roaming adversary model for this scenario and present the trade offs involved in countering this threat. We also identify new features and methods needed to protect the prover with minimal additional requirements.
Item Type: | Conference or Workshop Item |
---|---|
Erschienen: | 2016 |
Creators: | Brasser, Ferdinand ; Rasmussen, Kasper ; Sadeghi, Ahmad-Reza ; Tsudik, Gene |
Type of entry: | Bibliographie |
Title: | Remote Attestation for Low-End Embedded Devices: the Prover's Perspective |
Language: | German |
Date: | 2016 |
Publisher: | ACM |
Book Title: | Proceedings of the 53nd Annual Design Automation Conference |
Series: | DAC '16 |
Abstract: | Security of embedded devices is a timely and important issue, due to their proliferation into numerous and diverse settings, and growing popularity of these devices as attack targets, especially via remote malware infestations. One important defense mechanism is attestation, whereby a trusted, and possibly remote, party (verifier) checks the internal state of an untrusted, and potentially compromised, device (prover).Despite much prior work, attestation remains a vibrant research topic. However, most attestation schemes naturally focus on the scenario where the verifier is trusted and the prover is not. The opposite setting - where the prover is benign, and the verifier is malicious - has not received any attention. This paper considers this important issue of prover security, including: verifier impersonation, denial-of-service (DoS) and replay attacks, all of which allow the adversary to incapacitate the prover at a critical moment. We argue that protection of the prover from these attacks must be treated as an important component of any remote attestation method. We formulate a new roaming adversary model for this scenario and present the trade offs involved in countering this threat. We also identify new features and methods needed to protect the prover with minimal additional requirements. |
Uncontrolled Keywords: | ICRI-SC;STC Secure and Trustworthy Systems; Solutions; S2;Secure Things;Security |
Identification Number: | TUD-CS-2016-0048 |
Divisions: | 20 Department of Computer Science 20 Department of Computer Science > System Security Lab DFG-Collaborative Research Centres (incl. Transregio) DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres Profile Areas Profile Areas > Cybersecurity (CYSEC) LOEWE LOEWE > LOEWE-Zentren LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres > CRC 1119: CROSSING – Cryptography-Based Security Solutions: Enabling Trust in New and Next Generation Computing Environments |
Date Deposited: | 04 Aug 2016 10:13 |
Last Modified: | 02 May 2019 12:51 |
PPN: | |
Export: | |
Suche nach Titel in: | TUfind oder in Google |
Send an inquiry |
Options (only for editors)
Show editorial Details |