Towards more practical software-based attestation

File Description SizeFormat 
paper.pdfFile embargoed until 10 November 2019595.88 kBAdobe PDF    Request a copy
Title: Towards more practical software-based attestation
Authors: Steiner, RV
Lupu, E
Item Type: Journal Article
Abstract: Software-based attestation promises to enable the integrity verification of untrusted devices without requiring any particular hardware. However, existing proposals rely on strong assumptions that hinder their deployment and might even weaken their security. One of such assumptions is that using the maximum known network round-trip time to define the attestation timeout allows all honest devices to reply in time. While this is normally true in controlled environments, it is generally false in real deployments and especially so in a scenario like the Internet of Things where numerous devices communicate over an intrinsically unreliable wireless medium. Moreover, a larger timeout demands more computations, consuming extra time and energy and restraining the untrusted device from performing its main tasks. In this paper, we review this fundamental and yet overlooked assumption and propose a novel stochastic approach that significantly improves the overall attestation performance. Our experimental evaluation with IoT devices communicating over real-world uncontrolled Wi-Fi networks demonstrates the practicality and superior performance of our approach that in comparison with the current state of the art solution reduces the total attestation time and energy consumption around seven times for honest devices and two times for malicious ones, while improving the detection rate of honest devices (8% higher TPR) without compromising security (0% FPR).
Issue Date: 11-Feb-2019
Date of Acceptance: 6-Nov-2018
ISSN: 1389-1286
Publisher: Elsevier BV
Start Page: 43
End Page: 55
Journal / Book Title: Computer Networks
Volume: 149
Copyright Statement: © 2018 Elsevier Ltd. All rights reserved. This manuscript is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Licence
Keywords: 08 Information And Computing Sciences
10 Technology
09 Engineering
Networking & Telecommunications
Publication Status: Published
Embargo Date: 2019-11-10
Online Publication Date: 2018-11-10
Appears in Collections:Faculty of Engineering

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

Creative Commonsx