Defining trust in IoT environments via distributed remote attestation using blockchain

The constantly growing number of Internet of Things (IoT) devices and their resource-constrained nature makes them particularly vulnerable and increasingly attractive for exploitation by cyber criminals. Current estimates commonly reach the tens of billions for the number of connected 'things'. The heterogeneous capabilities of these devices serve as a motivation for resource sharing among them. However, for effective resource sharing, it is essential that trust be retained in the multitude of pervasive and diverse IoT devices. Remote attestation is a well-known technique used to build such trust. Thus, this paper proposes a blockchain based remote attestation protocol to establish trust between IoT devices. The blockchain offers a secure framework for device registration while the attestation is based on Physical Unclonable Functions (PUF). This combination of technologies results in a tamper resistant scheme with protection against physical and proxy attacks.

[1]  Sylvain Guilley,et al.  SoCs security: a war against side-channels , 2004, Ann. des Télécommunications.

[2]  L. V. Doorn,et al.  SCUBA: Secure Code Update By Attestation in sensor networks , 2006, WiSe '06.

[3]  Muhammad Sher,et al.  An Anonymous and Efficient Multiserver Authenticated Key Agreement With Offline Registration Centre , 2019, IEEE Systems Journal.

[4]  Biplab Sikdar,et al.  BlockPro: Blockchain based Data Provenance and Integrity for Secure IoT Environments , 2018, BlockSys@SenSys.

[5]  Pradeep K. Khosla,et al.  SWATT: softWare-based attestation for embedded devices , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[6]  Zeeshan Ali,et al.  Securing Smart City Surveillance: A Lightweight Authentication Mechanism for Unmanned Vehicles , 2020, IEEE Access.

[7]  Massimo Alioto,et al.  Enabling the Internet of Things: From Integrated Circuits to Integrated Systems , 2017 .

[8]  Vitalik Buterin A NEXT GENERATION SMART CONTRACT & DECENTRALIZED APPLICATION PLATFORM , 2015 .

[9]  Biplab Sikdar,et al.  Hardware Primitives-Based Security Protocols for the Internet of Things , 2019 .

[10]  Biplab Sikdar,et al.  A Scalable Protocol for Driving Trust Management in Internet of Vehicles With Blockchain , 2020, IEEE Internet of Things Journal.

[11]  Ashok Kumar Das,et al.  Lightweight and Physically Secure Anonymous Mutual Authentication Protocol for Real-Time Data Access in Industrial Wireless Sensor Networks , 2019, IEEE Transactions on Industrial Informatics.

[12]  Ahmad-Reza Sadeghi,et al.  Short paper: lightweight remote attestation using physical functions , 2011, WiSec '11.

[13]  Biplab Sikdar,et al.  Physically secure mutual authentication for IoT , 2017, 2017 IEEE Conference on Dependable and Secure Computing.

[14]  Uzair Javaid,et al.  Reinforcement Learning in Blockchain-Enabled IIoT Networks: A Survey of Recent Advances and Open Challenges , 2020, Sustainability.

[15]  Biplab Sikdar,et al.  A Privacy-Preserving and Scalable Authentication Protocol for the Internet of Vehicles , 2021, IEEE Internet of Things Journal.

[16]  Biplab Sikdar,et al.  Two-Factor Authentication for IoT With Location Information , 2019, IEEE Internet of Things Journal.

[17]  Biplab Sikdar,et al.  HAtt: Hybrid Remote Attestation for the Internet of Things With High Availability , 2020, IEEE Internet of Things Journal.

[18]  Ahmad-Reza Sadeghi,et al.  PUFatt: Embedded platform attestation based on novel processor-based PUFs , 2014, 2014 51st ACM/EDAC/IEEE Design Automation Conference (DAC).

[19]  Massimo Alioto,et al.  Token-Based Security for the Internet of Things With Dynamic Energy-Quality Tradeoff , 2019, IEEE Internet of Things Journal.

[20]  Biplab Sikdar,et al.  Mitigating loT Device based DDoS Attacks using Blockchain , 2018, CRYBLOCK@MobiSys.

[21]  Massimo Alioto Enabling the Internet of Things , 2017 .

[22]  Biplab Sikdar,et al.  Data Provenance for IoT With Light Weight Authentication and Privacy Preservation , 2019, IEEE Internet of Things Journal.

[23]  Biplab Sikdar,et al.  DrivMan: Driving Trust Management and Data Sharing in VANETs with Blockchain and Smart Contracts , 2019, 2019 IEEE 89th Vehicular Technology Conference (VTC2019-Spring).

[24]  Srinivas Devadas,et al.  Silicon physical random functions , 2002, CCS '02.

[25]  Biplab Sikdar,et al.  Data Provenance for IoT using Wireless Channel Characteristics and Physically Unclonable Functions , 2019, ICC 2019 - 2019 IEEE International Conference on Communications (ICC).

[26]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[27]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[28]  Adrian Perrig,et al.  SAKE: Software attestation for key establishment in sensor networks , 2011, Ad Hoc Networks.

[29]  Feller William,et al.  An Introduction To Probability Theory And Its Applications , 1950 .

[30]  Biplab Sikdar,et al.  Low Power Data Integrity in IoT Systems , 2018, IEEE Internet of Things Journal.

[31]  Wu He,et al.  Internet of Things in Industries: A Survey , 2014, IEEE Transactions on Industrial Informatics.