TU Darmstadt / ULB / TUbiblio

Remote Attestation for Low-End Embedded Devices: the Prover's Perspective

Brasser, Ferdinand ; Rasmussen, Kasper ; Sadeghi, Ahmad-Reza ; Tsudik, Gene (2016)
Remote Attestation for Low-End Embedded Devices: the Prover's Perspective.
Conference or Workshop Item, Bibliographie

Abstract

Security of embedded devices is a timely and important issue, due to their proliferation into numerous and diverse settings, and growing popularity of these devices as attack targets, especially via remote malware infestations. One important defense mechanism is attestation, whereby a trusted, and possibly remote, party (verifier) checks the internal state of an untrusted, and potentially compromised, device (prover).Despite much prior work, attestation remains a vibrant research topic. However, most attestation schemes naturally focus on the scenario where the verifier is trusted and the prover is not. The opposite setting - where the prover is benign, and the verifier is malicious - has not received any attention. This paper considers this important issue of prover security, including: verifier impersonation, denial-of-service (DoS) and replay attacks, all of which allow the adversary to incapacitate the prover at a critical moment. We argue that protection of the prover from these attacks must be treated as an important component of any remote attestation method. We formulate a new roaming adversary model for this scenario and present the trade offs involved in countering this threat. We also identify new features and methods needed to protect the prover with minimal additional requirements.

Item Type: Conference or Workshop Item
Erschienen: 2016
Creators: Brasser, Ferdinand ; Rasmussen, Kasper ; Sadeghi, Ahmad-Reza ; Tsudik, Gene
Type of entry: Bibliographie
Title: Remote Attestation for Low-End Embedded Devices: the Prover's Perspective
Language: German
Date: 2016
Publisher: ACM
Book Title: Proceedings of the 53nd Annual Design Automation Conference
Series: DAC '16
Abstract:

Security of embedded devices is a timely and important issue, due to their proliferation into numerous and diverse settings, and growing popularity of these devices as attack targets, especially via remote malware infestations. One important defense mechanism is attestation, whereby a trusted, and possibly remote, party (verifier) checks the internal state of an untrusted, and potentially compromised, device (prover).Despite much prior work, attestation remains a vibrant research topic. However, most attestation schemes naturally focus on the scenario where the verifier is trusted and the prover is not. The opposite setting - where the prover is benign, and the verifier is malicious - has not received any attention. This paper considers this important issue of prover security, including: verifier impersonation, denial-of-service (DoS) and replay attacks, all of which allow the adversary to incapacitate the prover at a critical moment. We argue that protection of the prover from these attacks must be treated as an important component of any remote attestation method. We formulate a new roaming adversary model for this scenario and present the trade offs involved in countering this threat. We also identify new features and methods needed to protect the prover with minimal additional requirements.

Uncontrolled Keywords: ICRI-SC;STC Secure and Trustworthy Systems; Solutions; S2;Secure Things;Security
Identification Number: TUD-CS-2016-0048
Divisions: 20 Department of Computer Science
20 Department of Computer Science > System Security Lab
DFG-Collaborative Research Centres (incl. Transregio)
DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres
Profile Areas
Profile Areas > Cybersecurity (CYSEC)
LOEWE
LOEWE > LOEWE-Zentren
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres > CRC 1119: CROSSING – Cryptography-Based Security Solutions: Enabling Trust in New and Next Generation Computing Environments
Date Deposited: 04 Aug 2016 10:13
Last Modified: 02 May 2019 12:51
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Send an inquiry Send an inquiry

Options (only for editors)
Show editorial Details Show editorial Details