Browse > Article
http://dx.doi.org/10.13089/JKIISC.2016.26.5.1211

Software Code Attestation for IoT Devices by Bluetooth Low Energy  

Kim, GeunYoung (INHA University)
Kang, Jeonil (INHA University)
Nyang, DaeHun (INHA University)
Lee, KyungHee (The university of Suwon)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.26, no.5, 2016 , pp. 1211-1221 More about this Journal
Abstract
In IoT environment, making sure of trust of IoT devices is the most important one than others. The security threats of nowadays almost stay at exposure or tampering of information. However, if human life is strongly connected to the Internet by IoT devices, the security threats will probably target human directly. In case of devices, authentication is verified using the device-known private key. However, if attacker can modify the device physically, knowing the private key cannot be the evidence of trust any more. Thus, we need stronger verification method like code attestation. In this paper, we use software-based code attestation for efficiency. We also suggest secure code attestation method against copy of original code and implement it on embedded device and analyze its performance.
Keywords
Software Code attestation; IoT device;
Citations & Related Records
연도 인용수 순위
  • Reference
1 SUNNYVALE, calif.-January 16, 2014. Proofpoint, Inc.
2 Dieter Bohn.-June 13, 2013. The Verge, Vox Media, Inc.
3 Diomidis Spinellis, "Reflection as a Mechanism for Software Integrity Verification," ACM Transactions on Information and System Security, Vol. 3, No. 1, pp. 51-62, February 2000.   DOI
4 Seshadri, A., Perrig, A., Van Doorn, L., & Khosla, P. (2004, May). SWATT: Software-based attestation for embedded devices. In Security and Privacy, 2004. Proceedings. 2004 IEEE Symposium on (pp. 272-282). IEEE.
5 Seshadri, A., Luk, M., Perrig, A., van Doorn, L., & Khosla, P. (2006, September). SCUBA: Secure code update by attestation in sensor networks. In Proceedings of the 5th ACM workshop on Wireless security (pp. 85-94). ACM.
6 Shaneck, M., Mahadevan, K., Kher, V., & Kim, Y. (2005, July). Remote software-based attestation for wireless sensors. In European Workshop on Security in Ad-hoc and Sensor Networks (pp. 27-41). Springer Berlin Heidelberg.
7 Choi, Y. G., Kang, J., & Nyang, D. (2007, August). Proactive code verification protocol in wireless sensor network. In International Conference on Computational Science and Its Applications (pp. 1085-1096). Springer Berlin Heidelberg.
8 T. AbuHmed, J. Kang, D. Nyang, and KyungHee Lee, "A Software-Based Group Attestation for Wireless Sensor Networks," Adhoc & Sensor Wireless Networks Journal, Vol. 13, No. 1-2, pp. 121-154, Jan 2011.
9 Blom, Gunnar; Holst, Lars; Sandell, Dennis (1994), "7.5 Coupon collecting I, 7.6 Coupon collecting II, and 15.4 Coupon collecting III", Problems and Snapshots from the World of Probability, New York: Springer-Verlag, pp. 85-87, 191, ISBN 0-387-94161-4, MR 1265713.
10 Bluetooth Smar of Version 4.0+ of the Bluetooth specification, https://www.bluetooth.com/what-is-bluetooth-technology/bluetooth-technology-basics/low-energy
11 Arduino UNO, http://www.arduino.cc/en/Main/ArduinoBoardUno
12 Castelluccia, C., Francillon, A., Perito, D., & Soriente, C. (2009, November). On the difficulty of software-based attestation of embedded devices. In Proceedings of the 16th ACM conference on Computer and communications security (pp. 400-409). ACM.
13 Biryukov, Alex, Daniel Dinu, and Dmitry Khovratovich. "Fast and Tradeoff-Resilient Memory-Hard Functions for Cryptocurrencies and Password Hashing."IACR Cryptology ePrint Archive 2015 (2015): 430.
14 DZIEMBOWSKI, Stefan, et al. Proofs of space. In: Annual Cryptology Conference. Springer Berlin Heidelberg, 2015. p. 585-605.