Boot Attestation: Secure Remote Reporting with Off-The-Shelf IoT Sensors

A major challenge in computer security is about establishing the trustworthiness of remote platforms. Remote attestation is the most common approach to this challenge. It allows a remote platform to measure and report its system state in a secure way to a third party. Unfortunately, existing attestation solutions either provide low security, as they rely on unrealistic assumptions, or are not applicable to commodity low-cost and resource-constrained devices, as they require custom secure hardware extensions that are difficult to adopt across IoT vendors. In this work, we propose a novel remote attestation scheme, named Boot Attestation, that is particularly optimized for low-cost and resource-constrained embedded devices. In Boot Attestation, software integrity measurements are immediately committed to during boot, thus relaxing the traditional requirement for secure storage and reporting. Our scheme is very light on cryptographic requirements and storage, allowing efficient implementations, even on the most low-end IoT platforms available today. We also describe extensions for more flexible management of ownership and third party (public-key) attestation that may be desired in fully Internet-enabled devices. Our scheme is supported by many existing off-the-shelf devices. To this end, we review the hardware protection capabilities for a number of popular device types and present implementation results for two such commercially available platforms.

[1]  Pradeep K. Khosla,et al.  SWATT: softWare-based attestation for embedded devices , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[2]  Avishai Wool,et al.  Cracking the Bluetooth PIN , 2005, MobiSys '05.

[3]  Elaine Shi,et al.  Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems , 2005, SOSP '05.

[4]  L. V. Doorn,et al.  SCUBA: Secure Code Update By Attestation in sensor networks , 2006, WiSe '06.

[5]  Tadayoshi Kohno,et al.  Devices That Tell on You: Privacy Trends in Consumer Ubiquitous Computing , 2007, USENIX Security Symposium.

[6]  Ahmad-Reza Sadeghi,et al.  Efficient Helper Data Key Extractor on FPGAs , 2008, CHES.

[7]  Frederik Armknecht,et al.  Memory Leakage-Resilient Encryption Based on Physically Unclonable Functions , 2009, ASIACRYPT.

[8]  Claudio Soriente,et al.  On the difficulty of software-based attestation of embedded devices , 2009, CCS.

[9]  Ingrid Verbauwhede,et al.  Low-Overhead Implementation of a Soft Decision Helper Data Algorithm for SRAM PUFs , 2009, CHES.

[10]  Adrian Perrig,et al.  SBAP: Software-Based Attestation for Peripherals , 2010, TRUST.

[11]  Gene Tsudik,et al.  Secure Code Update for Embedded Devices via Proofs of Secure Erasure , 2010, ESORICS.

[12]  Adrian Perrig,et al.  VIPER: verifying the integrity of PERipherals' firmware , 2011, CCS '11.

[13]  Adrian Perrig,et al.  Bootstrapping Trust in Modern Computers , 2011, Springer Briefs in Computer Science.

[14]  Geert Jan Schrijen,et al.  Comparative analysis of SRAM memories used as PUF primitives , 2012, 2012 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[15]  Karim M. El Defrawy,et al.  SMART: Secure and Minimal Architecture for (Establishing Dynamic) Root of Trust , 2012, NDSS.

[16]  Xeno Kovah,et al.  New Results for Timing-Based Attestation , 2012, 2012 IEEE Symposium on Security and Privacy.

[17]  Karim Eldefrawy SMART: Secure and Minimal Architecture for (Establishing a Dynamic) Root of Trust , 2012, NDSS 2012.

[18]  Mike Ryan,et al.  Bluetooth: With Low Energy Comes Low Security , 2013, WOOT.

[19]  Frederik Armknecht,et al.  A security framework for the analysis and design of software attestation , 2013, CCS.

[20]  Ittai Anati,et al.  Innovative Technology for CPU Based Attestation and Sealing , 2013 .

[21]  Frank Piessens,et al.  Sancus: Low-cost Trustworthy Extensible Networked Devices with a Zero-software Trusted Computing Base , 2013, USENIX Security Symposium.

[22]  Vijay Varadharajan,et al.  TrustLite: a security architecture for tiny embedded devices , 2014, EuroSys '14.

[23]  Aurélien Francillon,et al.  A Large-Scale Analysis of the Security of Embedded Firmwares , 2014, USENIX Security Symposium.

[24]  Tolga Arul,et al.  Lightweight Anti-counterfeiting Solution for Low-End Commodity Hardware Using Inherent PUFs , 2014, TRUST.

[25]  Gene Tsudik,et al.  A minimalist approach to Remote Attestation , 2014, 2014 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[26]  Wenting Li,et al.  Secure Erasure and Code Update in Legacy Sensors , 2015, TRUST.

[27]  Ahmad-Reza Sadeghi,et al.  TyTAN: Tiny trust anchor for tiny devices , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[28]  Stefan Katzenbeisser,et al.  PUF-Based Software Protection for Low-End Embedded Devices , 2015, TRUST.

[29]  Adrian Perrig,et al.  Establishing Software-Only Root of Trust on Embedded Systems: Facts and Fiction , 2015, Security Protocols Workshop.

[30]  Ahmad-Reza Sadeghi,et al.  SEDA: Scalable Embedded Device Attestation , 2015, CCS.

[31]  Stefan Katzenbeisser,et al.  Secure Code Updates for Mesh Networked Commodity Low-End Embedded Devices , 2016, ESORICS.

[32]  Mauro Conti,et al.  SANA: Secure and Scalable Aggregate Network Attestation , 2016, CCS.

[33]  Wen Chen,et al.  SoC Security and Debug , 2017 .

[34]  Galen C. Hunt,et al.  The Seven Properties of Highly Secure Devices , 2017 .

[35]  Gene Tsudik,et al.  Lightweight Swarm Attestation: A Tale of Two LISA-s , 2017, AsiaCCS.