Streamlining Security Patches and Remote Attestations for the Internet of Things
摘要
Internet of things (IoT) devices without Trusted Platform Modules (TPMs) usually suffer from two limitations. First, such devices resort to store preloaded keying material in software-accessible memory. This necessitates rekeying when fixing software vulnerabilities that might have caused the preloaded keying material to leak. Second, such devices cannot attest their software integrity to a remote verifier. The Device Identifier Composition Engine (DICE) approaches both these limitations through a layered boot process, where a device-specific secret remains within the confines of a trusted first-stage bootloader. Subsequent boot layers derive asymmetric key pairs and build a certificate chain, which includes evidence for remote attestations. Alternatively, subsequent boot layers may avoid asymmetric cryptography. However, that mode of DICE presumes trust in remote verifiers, thereby limiting application scenarios. Thus, asymmetric cryptography is often inevitable, which renders DICE quite communication and processing intensive for low-power IoT devices. In this paper, we propose TinyDICE and the Implicit Remote Attestation Protocol (IRAP). TinyDICE aligns DICE’s asymmetric mode with low-power IoT devices by swapping its explicit certificates for implicit certificates, as well as by compressing certificates. These measures reduce certificate sizes by one order of magnitude and validation times by half compared to the Open Profile for DICE. IRAP, in turn, performs remote attestations with TinyDICE certificates and Fully Hashed Menezes-Qu-Vanstone (FHMQV). Compared to the recent Tiny Remote Attestation Protocol (TRAP), IRAP further reduces communication traffic by 14.9% and processing times by 18.9% in our experiments, while overcoming practical limitations of TRAP, too.