DeepAI AI Chat
Log In Sign Up

Remote Attestation: A Literature Review

by   Alexander Sprogø Banks, et al.
IT University of Copenhagen

With the rising number of IoT devices, the security of such devices becomes increasingly important. Remote attestation (RA) is a distinct security service that allows a remote verifer to reason about the state of an untrusted remote prover (device). Paradigms of remote attestation span from exclusively software, in software-based attestation, to exclusively hardware-based. In between the extremes are hybrid attestation that utilize the enhanced security of secure hardware components in combination with the lower cost of purely software-based implementations. Traditional remote attestation protocols are concerned with reasoning about the state of a prover. However, extensions to remote attestation also exist, such as code updates, device resets, erasure and attestation of the device's run-time state. Furthermore, as interconnected IoT devices are becoming increasingly more popular, so is the need for attestation of device swarms. We will describe and evaluate the state-of-the-art for remote attestation, which covers singular attestation of devices as well as newer research in the area of formally verified RA protocols, swarm attestation and control-flow attestation.


page 1

page 2

page 3

page 4


Poster: Control-Flow Integrity in Low-end Embedded Devices

Embedded, smart, and IoT devices are increasingly popular in numerous ev...

RADIS: Remote Attestation of Distributed IoT Services

Remote attestation is a security technique by which a potentially untrus...

SEDAT:Security Enhanced Device Attestation with TPM2.0

Remote attestation is one of the ways to verify the state of an untruste...

NetSD: Remote Access to Integrated SD Cards of Embedded Devices

Digitalization continuously pervades all areas and the Internet of Thing...

Privacy-from-Birth: Protecting Sensed Data from Malicious Sensors with VERSA

There are many well-known techniques to secure sensed data in IoT/CPS sy...

Secure Memory Erasure in the Presence of Man-in-the-Middle Attackers

Memory erasure protocols serve to clean up a device's memory before the ...

BLINDTRUST: Oblivious Remote Attestation for Secure Service Function Chains

With the rapidly evolving next-generation systems-of-systems, we face ne...