优先级:P物理上相关的功能,R远程认证协议

IF 2.8 3区 计算机科学 Q2 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE
Anupam Mondal, Shreya Gangopadhyay, Durba Chatterjee, Harishma Boyapally, Debdeep Mukhopadhyay
{"title":"优先级:P物理上相关的功能,R远程认证协议","authors":"Anupam Mondal, Shreya Gangopadhyay, Durba Chatterjee, Harishma Boyapally, Debdeep Mukhopadhyay","doi":"10.1145/3609104","DOIUrl":null,"url":null,"abstract":"Remote attestation is a request-response based security service that permits a trusted entity (verifier) to check the current state of an untrusted remote device (prover). The verifier initiates the attestation process by sending an attestation challenge to the prover; the prover responds with its current state, which establishes its trustworthiness. Physically Unclonable Function (PUF) offers an attractive choice for hybrid attestation schemes owing to its low overhead security guarantees. However, this comes with the limitation of secure storage of the PUF model or large challenge-response database on the verifier end. To address these issues, in this work, we propose a hybrid attestation framework, named PReFeR , that leverages a new class of hardware primitive known as Physically Related Function (PReF) to remotely attest low-end devices without the requirement of secure storage or heavy cryptographic operations. It comprises a static attestation scheme that validates the memory state of the remote device prior to code execution, followed by a dynamic run-time attestation scheme that asserts the correct code execution by evaluating the content of special registers present in embedded systems, known as hardware performance counters (HPC). The use of HPCs in the dynamic attestation scheme mitigates the popular class of attack known as the time-of-check-time-of-use (TOCTOU) attack, which has broken several state-of-the-art hybrid attestation schemes. We demonstrate our protocol and present our experimental results using a prototype implementation on Digilent Cora Z7 board, a low-cost embedded platform, specially designed for IoT applications.","PeriodicalId":50914,"journal":{"name":"ACM Transactions on Embedded Computing Systems","volume":"28 1","pages":"0"},"PeriodicalIF":2.8000,"publicationDate":"2023-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"PReFeR : <u>P</u> hysically <u>Re</u> lated <u>F</u> unction bas <u>e</u> d <u>R</u> emote Attestation Protocol\",\"authors\":\"Anupam Mondal, Shreya Gangopadhyay, Durba Chatterjee, Harishma Boyapally, Debdeep Mukhopadhyay\",\"doi\":\"10.1145/3609104\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Remote attestation is a request-response based security service that permits a trusted entity (verifier) to check the current state of an untrusted remote device (prover). The verifier initiates the attestation process by sending an attestation challenge to the prover; the prover responds with its current state, which establishes its trustworthiness. Physically Unclonable Function (PUF) offers an attractive choice for hybrid attestation schemes owing to its low overhead security guarantees. However, this comes with the limitation of secure storage of the PUF model or large challenge-response database on the verifier end. To address these issues, in this work, we propose a hybrid attestation framework, named PReFeR , that leverages a new class of hardware primitive known as Physically Related Function (PReF) to remotely attest low-end devices without the requirement of secure storage or heavy cryptographic operations. It comprises a static attestation scheme that validates the memory state of the remote device prior to code execution, followed by a dynamic run-time attestation scheme that asserts the correct code execution by evaluating the content of special registers present in embedded systems, known as hardware performance counters (HPC). The use of HPCs in the dynamic attestation scheme mitigates the popular class of attack known as the time-of-check-time-of-use (TOCTOU) attack, which has broken several state-of-the-art hybrid attestation schemes. We demonstrate our protocol and present our experimental results using a prototype implementation on Digilent Cora Z7 board, a low-cost embedded platform, specially designed for IoT applications.\",\"PeriodicalId\":50914,\"journal\":{\"name\":\"ACM Transactions on Embedded Computing Systems\",\"volume\":\"28 1\",\"pages\":\"0\"},\"PeriodicalIF\":2.8000,\"publicationDate\":\"2023-09-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM Transactions on Embedded Computing Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3609104\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Embedded Computing Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3609104","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0

摘要

远程认证是一种基于请求-响应的安全服务,它允许受信任实体(验证者)检查不受信任的远程设备(证明者)的当前状态。验证者通过向证明者发送认证质疑来启动认证过程;证明者以其当前状态进行响应,从而建立其可信度。物理不可克隆功能(PUF)由于其低开销的安全保证,为混合认证方案提供了一个有吸引力的选择。然而,这带来了PUF模型的安全存储或验证者端的大型质询-响应数据库的限制。为了解决这些问题,在这项工作中,我们提出了一个名为PReFeR的混合认证框架,它利用一类称为物理相关功能(PReF)的新硬件原语来远程验证低端设备,而不需要安全存储或繁重的加密操作。它包括一个静态认证方案,用于在代码执行之前验证远程设备的内存状态,然后是一个动态运行时认证方案,该方案通过评估嵌入式系统中存在的特殊寄存器(称为硬件性能计数器(HPC))的内容来断言正确的代码执行。在动态认证方案中使用hpc可以减轻被称为“检查时间-使用时间”(TOCTOU)攻击的流行攻击类别,这种攻击已经破坏了几种最先进的混合认证方案。我们使用Digilent Cora Z7板上的原型实现演示了我们的协议并展示了我们的实验结果,Digilent Cora Z7板是专为物联网应用而设计的低成本嵌入式平台。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
PReFeR : P hysically Re lated F unction bas e d R emote Attestation Protocol
Remote attestation is a request-response based security service that permits a trusted entity (verifier) to check the current state of an untrusted remote device (prover). The verifier initiates the attestation process by sending an attestation challenge to the prover; the prover responds with its current state, which establishes its trustworthiness. Physically Unclonable Function (PUF) offers an attractive choice for hybrid attestation schemes owing to its low overhead security guarantees. However, this comes with the limitation of secure storage of the PUF model or large challenge-response database on the verifier end. To address these issues, in this work, we propose a hybrid attestation framework, named PReFeR , that leverages a new class of hardware primitive known as Physically Related Function (PReF) to remotely attest low-end devices without the requirement of secure storage or heavy cryptographic operations. It comprises a static attestation scheme that validates the memory state of the remote device prior to code execution, followed by a dynamic run-time attestation scheme that asserts the correct code execution by evaluating the content of special registers present in embedded systems, known as hardware performance counters (HPC). The use of HPCs in the dynamic attestation scheme mitigates the popular class of attack known as the time-of-check-time-of-use (TOCTOU) attack, which has broken several state-of-the-art hybrid attestation schemes. We demonstrate our protocol and present our experimental results using a prototype implementation on Digilent Cora Z7 board, a low-cost embedded platform, specially designed for IoT applications.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
ACM Transactions on Embedded Computing Systems
ACM Transactions on Embedded Computing Systems 工程技术-计算机:软件工程
CiteScore
3.70
自引率
0.00%
发文量
138
审稿时长
6 months
期刊介绍: The design of embedded computing systems, both the software and hardware, increasingly relies on sophisticated algorithms, analytical models, and methodologies. ACM Transactions on Embedded Computing Systems (TECS) aims to present the leading work relating to the analysis, design, behavior, and experience with embedded computing systems.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信