Lightweight Swarm Attestation

“…Prover Capability Requirements and Assumptions. In line with all the previous works in swarm attestation [5,7,11,21], and in particular according to very recent works on non-interactive attestation [22], we assume each device presents the following minimal features: (i) A Read-Only Memory (ROM), where integrity-protected attestation code should reside; (ii) A Memory Protection Unit (MPU), that allows to enforce access control on areas of the memory, e.g., readonly access to certain memory areas exclusively to attestation protocol code [18]; Fig. 1: Target system model for PADS.…”

“…While resolving most of the major shortcomings of SEDA, SANA still requires full connectivity among devices; moreover, it introduces severe overhead on low-end provers. More recently, [11] propose two remote attestation protocols that improve SEDA with respect to scalability and resiliency to hardware attacks. However, [11] requires full connectivity among devices for the whole attestation process.…”

“…More recently, [11] propose two remote attestation protocols that improve SEDA with respect to scalability and resiliency to hardware attacks. However, [11] requires full connectivity among devices for the whole attestation process. Remarkably, the recent work in [24] improves SEDA by supporting more dynamic networks, at the price, however of additional complexity in the system (election of clustered nodes, etc.).…”

“…More recently, Carpent et al [12] proposed ERASMUS, a remote attestation protocol for unattended devices which unlike other RA schemes promises to identify mobile adversaries between two successive attestation periods. Although it substantially minimizes prover's computation but [12] leverages SEDA or LISA [7,11] for collective attestation of swarms. Thus inherits their shortcomings.…”

“…6 Both options are valid, and the decision should be made depending on the tradeoff between performance and security. In what follows, we target software-only attackers and, for ease of exposition, similarly to [11], we consider the symmetric case (1) to describe and evaluate PADS. Appendix A briefly discusses potential consequences of having a stronger adversary in the system.…”

PADS: Practical Attestation for Highly Dynamic Swarm Topologies

“…Prover Capability Requirements and Assumptions. In line with all the previous works in swarm attestation [5,7,11,21], and in particular according to very recent works on non-interactive attestation [22], we assume each device presents the following minimal features: (i) A Read-Only Memory (ROM), where integrity-protected attestation code should reside; (ii) A Memory Protection Unit (MPU), that allows to enforce access control on areas of the memory, e.g., readonly access to certain memory areas exclusively to attestation protocol code [18]; Fig. 1: Target system model for PADS.…”

“…While resolving most of the major shortcomings of SEDA, SANA still requires full connectivity among devices; moreover, it introduces severe overhead on low-end provers. More recently, [11] propose two remote attestation protocols that improve SEDA with respect to scalability and resiliency to hardware attacks. However, [11] requires full connectivity among devices for the whole attestation process.…”

“…More recently, [11] propose two remote attestation protocols that improve SEDA with respect to scalability and resiliency to hardware attacks. However, [11] requires full connectivity among devices for the whole attestation process. Remarkably, the recent work in [24] improves SEDA by supporting more dynamic networks, at the price, however of additional complexity in the system (election of clustered nodes, etc.).…”

“…More recently, Carpent et al [12] proposed ERASMUS, a remote attestation protocol for unattended devices which unlike other RA schemes promises to identify mobile adversaries between two successive attestation periods. Although it substantially minimizes prover's computation but [12] leverages SEDA or LISA [7,11] for collective attestation of swarms. Thus inherits their shortcomings.…”

“…6 Both options are valid, and the decision should be made depending on the tradeoff between performance and security. In what follows, we target software-only attackers and, for ease of exposition, similarly to [11], we consider the symmetric case (1) to describe and evaluate PADS. Appendix A briefly discusses potential consequences of having a stronger adversary in the system.…”

PADS: Practical Attestation for Highly Dynamic Swarm Topologies

Advanced Attacks and Protection Mechanisms in IoT Devices and Networks

LegIoT: Ledgered Trust Management Platform for IoT