DOI: 10.1145/3176258.3176324

Remote Attestation for Low-End Prover Devices with Post-Quantum Capabilities

Published: 13 March 2018

Abstract

Remote attestation is a well-established interactive technique for establishing trust among connected devices. It allows a Prover device to attest its platform integrity to a Verifier device. Existing remote attestation protocols rely on classical asymmetric cryptography, which is too heavy for low-end Prover devices and vulnerable to quantum attacks (a serious concern given the long lifespan of IoT devices). Hash-Based Signatures (HBS) offer attractive performance and can withstand quantum attacks. This paper presents several contributions in this context. First, we present an efficient remote attestation protocol that requires the Prover to perform only one-time HBS operations, which are very lightweight. Our protocol also includes robust embedded techniques for refreshing one-time keys, so that multiple attestations are possible. Second, we present a simpler construction based on a multi-time HBS scheme, which does not depend on a trusted third party. Third, to demonstrate the feasibility of our protocols, we developed prototypes based on state-of-the-art HBS schemes (XMSS and WOTS+) for highly constrained platforms (Arduino 101) in both classical and post-quantum security settings. Finally, we present a comprehensive comparison of these strategies, including guidance on suitable use cases for each of them. In summary, our work demonstrates the feasibility of modern HBS constructions for remote attestation of highly constrained devices.
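As an added illustration that is not part of the paper or its Arduino prototypes, the following Python sketch shows the mechanism the abstract describes: a Prover signs a nonce-bound firmware measurement with a Winternitz one-time signature and consumes a fresh key for every attestation, while the Verifier rejects key reuse, replayed reports and unexpected measurements. The signature scheme is a simplified Winternitz OTS over SHA-256 rather than WOTS+ itself (plain hash chains, no bitmasks or seeds), the fixed key pool stands in for the paper's key-refresh mechanism, and all parameters, class names and the report format are assumptions made for the example.

```python
"""Toy Winternitz-style one-time signature (OTS) for remote attestation.

Added illustration, not code from the paper: a simplified Winternitz OTS over
SHA-256 (plain hash chains, no WOTS+ bitmasks) used by a Prover to sign a
nonce-bound firmware measurement. Every parameter and name is an assumption.
"""
import hashlib
import os

N = 32            # hash output length in bytes (SHA-256)
W = 16            # Winternitz parameter: one 4-bit digit per hash chain
MSG_DIGITS = 64   # 256-bit digest split into 4-bit digits
CS_DIGITS = 3     # checksum <= 64*15 = 960 fits in three base-16 digits
LEN = MSG_DIGITS + CS_DIGITS


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def _chain(x: bytes, steps: int) -> bytes:
    """Apply the one-way function `steps` times (the Winternitz chain)."""
    for _ in range(steps):
        x = _h(x)
    return x


def _digits(msg: bytes) -> list:
    """Base-w digits of H(msg) followed by the checksum digits."""
    digits = []
    for b in _h(msg):
        digits += [b >> 4, b & 0x0F]
    csum = sum(W - 1 - d for d in digits)   # checksum stops chain lengthening
    digits += [(csum >> 8) & 0x0F, (csum >> 4) & 0x0F, csum & 0x0F]
    return digits


def ots_keygen():
    sk = [os.urandom(N) for _ in range(LEN)]
    pk = _h(b"".join(_chain(s, W - 1) for s in sk))  # chain ends, compressed
    return sk, pk


def ots_sign(sk, msg: bytes):
    return [_chain(s, d) for s, d in zip(sk, _digits(msg))]


def ots_verify(pk: bytes, msg: bytes, sig) -> bool:
    if len(sig) != LEN:
        return False
    ends = (_chain(s, W - 1 - d) for s, d in zip(sig, _digits(msg)))
    return _h(b"".join(ends)) == pk


class Prover:
    """Low-end device: pool of one-time keys, each consumed by one attestation."""

    def __init__(self, firmware: bytes, n_keys: int = 4):
        self.firmware = firmware
        self.keys = [ots_keygen() for _ in range(n_keys)]
        self.next_key = 0   # must be persisted across reboots on a real device

    def public_keys(self):
        return [pk for _, pk in self.keys]

    def attest(self, nonce: bytes):
        if self.next_key >= len(self.keys):
            raise RuntimeError("one-time key pool exhausted; key refresh needed")
        idx = self.next_key
        self.next_key += 1                  # advance before signing: never reuse
        sk, _ = self.keys[idx]
        report = nonce + _h(self.firmware)  # nonce binds the report to this run
        return idx, report, ots_sign(sk, report)


class Verifier:
    """Knows the Prover's OTS public keys and the expected firmware measurement."""

    def __init__(self, prover_pks, expected_measurement: bytes):
        self.pks = prover_pks
        self.expected = expected_measurement
        self.used = set()

    def check(self, nonce: bytes, idx: int, report: bytes, sig) -> bool:
        if idx >= len(self.pks) or idx in self.used:   # unknown key or reuse
            return False
        if report[:len(nonce)] != nonce:              # replayed old report
            return False
        if report[len(nonce):] != self.expected:      # unexpected firmware
            return False
        if not ots_verify(self.pks[idx], report, sig):
            return False
        self.used.add(idx)
        return True


def run_attestation(prover: Prover, verifier: Verifier) -> bool:
    """One challenge/response round; returns the Verifier's decision."""
    nonce = os.urandom(16)
    idx, report, sig = prover.attest(nonce)
    return verifier.check(nonce, idx, report, sig)
```

The Prover advances its key index before it signs, so a crash between the two steps costs one key rather than risking a second signature under the same key; on a real device that index must live in non-volatile storage, which is exactly the state-management burden that multi-time schemes such as XMSS move into a Merkle tree over many such one-time keys.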


Cited By

  • (2023) A lightweight remote attestation using PUFs and hash-based signatures for low-end IoT devices. Future Generation Computer Systems 148:C, 425-435. DOI: 10.1016/j.future.2023.06.008. Online publication date: 1 Nov 2023.
  • (2022) QEnclave - A practical solution for secure quantum cloud computing. npj Quantum Information 8:1. DOI: 10.1038/s41534-022-00612-5. Online publication date: 5 Nov 2022.
  • (2020) Hardware Security for eXtended Merkle Signature Scheme Using SRAM-based PUFs and TRNGs. 2020 32nd International Conference on Microelectronics (ICM), 1-4. DOI: 10.1109/ICM50269.2020.9331821. Online publication date: 14 Dec 2020.

Published In

cover image ACM Conferences
CODASPY '18: Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy
March 2018
401 pages
ISBN:9781450356329
DOI:10.1145/3176258
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. hash-based signatures
  2. internet of things
  3. post-quantum cryptography
  4. remote attestation
  5. security

Qualifiers

  • Research-article

Conference

CODASPY '18
Acceptance Rates

CODASPY '18 Paper Acceptance Rate 23 of 110 submissions, 21%;
Overall Acceptance Rate 149 of 789 submissions, 19%
