ERASMUS: Efficient Remote Attestation via Self‐Measurement for Unattended Settings

Xavier Carpent (a), Norrathep Rattanavipanon (b) and Gene Tsudik (c)
UC Irvine
(a) xcarpent@uci.edu
(b) nrattana@uci.edu
(c) gene.tsudik@uci.edu

ABSTRACT


Remote attestation (RA) is a popular means of detecting malware in embedded and IoT devices. RA is usually realized as a protocol via which a trusted verifier measures the software integrity of an untrusted remote device called the prover. All prior RA techniques require on-demand operation. We identify two drawbacks of this approach in the context of unattended devices: first, it fails to detect mobile malware that enters and leaves the prover between successive RA instances. Second, it requires the prover to engage in a potentially expensive computation, which can negatively impact safety-critical or real-time devices. To address these drawbacks, we introduce the concept of self-measurement, whereby a prover periodically (and securely) measures and records its own software state. A verifier then collects and verifies these measurements. We demonstrate a concrete technique called ERASMUS, justify its features, and evaluate its performance. We show that ERASMUS is well-suited for safety-critical applications. We also define a new metric: Quality of Attestation (QoA).
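The first drawback and the self-measurement idea can be seen in a small simulation. This is an added sketch, not code from the paper and not the ERASMUS design: it shows transient malware that two on-demand checks miss but a recorded measurement history exposes. The HMAC-SHA256 measurement format, the shared key, the integer time steps and all names are assumptions made for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"       # assumption: key shared by prover and verifier
GOOD = b"firmware-v1 clean image"   # constructed known-good memory image
INFECTED = GOOD + b" +implant"      # constructed modified image
# Constructed timeline: malware is present only during steps 4..6, then leaves.
TIMELINE = [INFECTED if 4 <= t <= 6 else GOOD for t in range(12)]

def _tag(key, t, digest):
    # Bind the memory digest to the time step so records cannot be moved in time.
    return hmac.new(key, t.to_bytes(8, "big") + digest, hashlib.sha256).digest()

def measure(key, t, memory):
    """Prover side: one authenticated self-measurement at time step t."""
    digest = hashlib.sha256(memory).digest()
    return (t, digest, _tag(key, t, digest))

def run_prover(key, timeline, period):
    """Prover measures itself every `period` steps and records the results."""
    return [measure(key, t, timeline[t]) for t in range(0, len(timeline), period)]

def verify_history(key, history, good_memory):
    """Verifier side: return time steps whose record is forged or not known-good."""
    good = hashlib.sha256(good_memory).digest()
    flagged = []
    for t, digest, tag in history:
        authentic = hmac.compare_digest(tag, _tag(key, t, digest))
        if not authentic or digest != good:
            flagged.append(t)
    return flagged

def on_demand_check(timeline, t, good_memory):
    """On-demand RA modelled as seeing only the state at the moment of the request."""
    return timeline[t] == good_memory

if __name__ == "__main__":
    print("on-demand at t=0, t=11:",
          on_demand_check(TIMELINE, 0, GOOD), on_demand_check(TIMELINE, 11, GOOD))
    print("self-measurement, period 2:",
          verify_history(KEY, run_prover(KEY, TIMELINE, 2), GOOD))
    print("self-measurement, period 7:",
          verify_history(KEY, run_prover(KEY, TIMELINE, 7), GOOD))
```

In this model a measurement period longer than the infection window misses the malware just as the on-demand checks do, so the choice of period decides what the history can reveal.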


