| Title | ERASMUS: Efficient remote attestation via self-measurement for unattended settings |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | Carpent, X., Tsudik, G., Rattanavipanon, N. |
| Conference Name | 2018 Design, Automation Test in Europe Conference Exhibition (DATE) |
| Date Published | mar |
| Keywords | attestation, composability, concrete technique, efficient remote attestation, embedded devices, ERASMUS, Human Behavior, Internet of Things, invasive software, IoT devices, Malware, mobile computing, mobile malware, on-demand operation, Phase measurement, potentially expensive computation, pubcrawl, Quality-of-Attestation, RA techniques, Radio frequency, real-time devices, Real-time Systems, remote attestation, Resiliency, safety-critical applications, security, software integrity, software state, Time measurement, unattended devices, untrusted remote device |
| Abstract | Remote attestation (RA) is a popular means of detecting malware in embedded and IoT devices. RA is usually realized as a protocol via which a trusted verifier measures software integrity of an untrusted remote device called prover. All prior RA techniques require on-demand operation. We identify two drawbacks of this approach in the context of unattended devices: First, it fails to detect mobile malware that enters and leaves the prover between successive RA instances. Second, it requires the prover to engage in a potentially expensive computation, which can negatively impact safety-critical or real-time devices. To this end, we introduce the concept of self-measurement whereby a prover periodically (and securely) measures and records its own software state. A verifier then collects and verifies these measurements. We demonstrate a concrete technique called ERASMUS, justify its features, and evaluate its performance. We show that ERASMUS is well-suited for safety-critical applications. We also define a new metric - Quality of Attestation (QoA). |
| DOI | 10.23919/DATE.2018.8342195 |
| Citation Key | carpent_erasmus:_2018 |
ERASMUS: Efficient remote attestation via self-measurement for unattended settings