A minimalist approach to Remote Attestation

Francillon, Aurélien; Nguyen, Quan Dong; Rasmussen, Kasper; Tsudik, Gene

doi:10.7873/date.2014.257

Cited by 42 publications

(48 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Below we discuss each of them individually and highlight the design principles that must be followed to provide secure attestation. As stated before, we adopt much of previous analyses [Datta et al 2009;Coker et al 2011;Armknecht et al 2013;Li et al 2014;Francillon et al 2014] while centering the discussion around WSNs. CHALLENGE() This procedure is executed by the verifier.…”

Section: System Modelmentioning

confidence: 99%

“…The devices are commonly named after their roles: Verifier and Prover, respectively. The goal of the attestation procedure is to allow an honest, noncompromised, Prover to generate a response that assures the Verifier that the prover is in a legitimate state [Francillon et al 2014]. A compromised Prover will either generate invalid responses or will not be able to generate a valid response within an expected time limit.…”

Section: Attestationmentioning

confidence: 99%

“…Nonetheless, existing analyses are built under different assumptions. For example, [Datta et al 2009], [Coker et al 2011] and [Francillon et al 2014] assume that the verifier and the prover need to share some secret information, e.g., a cryptographic key. They presume that this secret is defined prior to network deployment and that there exists some hardware support preventing the adversary from accessing it.…”

Section: Attestationmentioning

confidence: 99%

“…They also claim that, contrary to some existing schemes, all memories of the prover must be attested and that doing so is quite challenging. [Francillon et al 2014] asserts that software-based techniques can be secure only if the prover and verifier communicate directly with no intermediate nodes, and thus cannot be used to perform attestation across a network. However, [Yang et al 2015] presents a delay-resilient software-based attestation mechanism capable of performing multi-hop attestation named Low-cost Remote Memory Attestation (LRMA).…”

Section: Evidence Acquisitionmentioning

confidence: 99%

See 3 more Smart Citations

Attestation in Wireless Sensor Networks

Steiner

Lupu

2016

ACM Comput. Surv.

View full text Add to dashboard Cite

Attestation is a mechanism used by a trusted entity to validate the software integrity of an untrusted platform. Over the last years, several attestation techniques have been proposed. While they all use variants of a challenge-response protocol, they make different assumptions about what an attacker can and cannot do. Thus, they propose intrinsically divergent validation approaches. We survey in this paper the different approaches to attestation focussing in particular on those aimed at Wireless Sensor Networks. We discuss the motivations, challenges, assumptions, and attacks of each approach. We then organise them in a taxonomy and discuss the state of the art, carefully analysing the advantages and disadvantages of each proposal. We also point towards the open research problems and give directions on how to address them.

show abstract

Section: System Modelmentioning

confidence: 99%

Section: Attestationmentioning

confidence: 99%

Section: Attestationmentioning

confidence: 99%

Section: Evidence Acquisitionmentioning

confidence: 99%

See 2 more Smart Citations

Attestation in Wireless Sensor Networks

Steiner

Lupu

2016

ACM Comput. Surv.

View full text Add to dashboard Cite

show abstract

“…The works that is perhaps closest in spirit and application domain to ours is by Francillon et al [18] who address the problem of remote device attestation. Their approach is also based on provable security, but consider a significantly weaker model where the adversary not tamper or read parts of the internal memory of the device.…”

mentioning

confidence: 99%

Provably-Secure Remote Memory Attestation for Heap Overflow Protection

Boldyreva

Kim

Lipton

et al. 2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Memory corruption attacks may lead to complete takeover of systems. There are numerous works offering protection mechanisms for this important problem. But the security guarantees that are offered by most works are only heuristic and, furthermore, most solutions are designed for protecting the local memory. In this paper we initiate the study of provably secure remote memory attestation; we concentrate on provably detecting heap-based overflow attacks and consider the setting where we aim to protect the memory in a remote system. We present two protocols offering various efficiency and security trade-offs (but all solutions are efficient enough for practical use as our implementation shows) that detect the presence of injected malicious code or data in remotely-stored heap memory. While our solutions offer protection only against a specific class of attacks, our novel formalization of threat models is general enough to cover a wide range of attacks and settings.

show abstract