Challenges in Remote Attestation of Low-End Embedded Devices (DLS in Cybersecurity)

11.12.2014, 16:15 – 17:15

2014/12/11 16:15-17:15

Speaker: Gene Tsudik, UC Irvine, USA | Location: Hochschulstraße 10 (S2|02), Piloty Building, Room C110

Organizer: CASED, CROSSING and EC SPRIDE

Abstract

Embedded computing devices increasingly permeate many aspects of modern life: from medical to automotive, from building and factory automation to weapons, from avionics to home entertainment. Despite their specialized nature as well as limited resources and connectivity, these devices are becoming an increasingly popular and attractive target for remote malware infestation attacks, exemplified by Stuxnet [1]. December 11, 2014 Many mitigation techniques have been proposed, varying in terms of generality and underlying assumptions. One common theme is the need for Remote Attestation, a distinct security service that allows a trusted party (verifier) to check the internal state of a remote untrusted embedded device (prover). Purely software-based techniques, while efficient, offer dubious security guarantees. At the same time, most hardware-based techniques are too costly for low-end embedded devices.

This talk focuses on three important challenges in designing Remote Attestation techniques for low-end embedded devices. First, what is the minimal set of hardware and software features for a low-end embedded device to attain provably secure remote attestation, under the strongest possible and realistic adversary model? Second, what mechanisms and features are needed to protect the remote attestation process from unauthorized invocation, i.e., how to assure that an embedded device is not being misused? Third, how to design efficient remote attestation for a multitude of potentially heterogeneous embedded devices, e.g., within a vehicle, a household, or an aircraft?

NOTE: joint work with K. Eldefrawy, A. Francillon, D. Perito and K. Rasmussen.

Short Bio

Prof. Gene Tsudik is a Chancellor's Professor of Computer Science at the UC Irvine (UCI). He obtained his PhD in Computer Science from USC in 1991. Before coming to UCI in 2000, he was at IBM Zurich Research Laboratory (1991-1996) and USC/ISI (1996-2000). Over the years, his research interests included numerous topics in security, privacy and applied cryptography. Since 2009, he serves as the Editor-in-Chief of ACM Transactions on Information and Systems Security (TISSEC). He is a former Fulbright Lecturer and an IEEE Fellow.