Attestation with Constrained Relying Party

Mariam Moustafa.; Arto Niemi.; Philip Ginzboorg.; Jan-Erik Ekberg.

doi:10.5220/0012319300003648

Attestation with Constrained Relying Party

Mariam Moustafa., Arto Niemi., Philip Ginzboorg., Jan-Erik Ekberg.

Department of Applied Mathematics and Computer Science

Huawei Technologies Co., Ltd.

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

32 Downloads (Orbit)

Abstract

Allowing a compromised device to e.g., receive privacy-sensitive sensor readings carries significant privacy risks, but to implement the relying party of a contemporary attestation protocol in a computationally constrained sensor is not feasible, and the network reach of a sensor is often limited. In this paper, we present a remote platform attestation protocol suitable for relying parties that are limited to symmetric-key cryptography and a single communication channel. We validate its security with the ProVerif model checker.

Original language	English
Title of host publication	Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP
Volume	1
Publisher	SCITEPRESS Digital Library
Publication date	2024
Pages	701-708
ISBN (Electronic)	978-989-758-683-5
DOIs	https://doi.org/10.5220/0012319300003648
Publication status	Published - 2024
Event	10th International Conference on Information Systems Security and Privacy - Rome, Italy Duration: 26 Feb 2024 → 28 Feb 2024

Conference

Conference	10th International Conference on Information Systems Security and Privacy
Country/Territory	Italy
City	Rome
Period	26/02/2024 → 28/02/2024

Keywords

Remote Attestation
Device Security
Model Checking

Access to Document

10.5220/0012319300003648Licence: CC BY-NC-ND

FulltextAccepted author manuscript, 456 KB

OpenUrl availability

Full text

Cite this

@inproceedings{274eab1d20644e8cbc61c616138f13e6,

title = "Attestation with Constrained Relying Party",

abstract = "Allowing a compromised device to e.g., receive privacy-sensitive sensor readings carries significant privacy risks, but to implement the relying party of a contemporary attestation protocol in a computationally constrained sensor is not feasible, and the network reach of a sensor is often limited. In this paper, we present a remote platform attestation protocol suitable for relying parties that are limited to symmetric-key cryptography and a single communication channel. We validate its security with the ProVerif model checker.",

keywords = "Remote Attestation, Device Security, Model Checking",

author = "Mariam Moustafa. and Arto Niemi. and Philip Ginzboorg. and Jan-Erik Ekberg.",

year = "2024",

doi = "10.5220/0012319300003648",

language = "English",

volume = "1",

pages = "701--708",

booktitle = "Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP",

publisher = "SCITEPRESS Digital Library",

note = "10th International Conference on Information Systems Security and Privacy, ICISSP ; Conference date: 26-02-2024 Through 28-02-2024",

}

Moustafa., M, Niemi., A, Ginzboorg., P & Ekberg., J-E 2024, Attestation with Constrained Relying Party. in Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP. vol. 1, SCITEPRESS Digital Library, pp. 701-708, 10th International Conference on Information Systems Security and Privacy, Rome, Italy, 26/02/2024. https://doi.org/10.5220/0012319300003648

Attestation with Constrained Relying Party. / Moustafa., Mariam; Niemi., Arto; Ginzboorg., Philip et al.
Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP. Vol. 1 SCITEPRESS Digital Library, 2024. p. 701-708.

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

TY - GEN

T1 - Attestation with Constrained Relying Party

AU - Moustafa., Mariam

AU - Niemi., Arto

AU - Ginzboorg., Philip

AU - Ekberg., Jan-Erik

PY - 2024

Y1 - 2024

N2 - Allowing a compromised device to e.g., receive privacy-sensitive sensor readings carries significant privacy risks, but to implement the relying party of a contemporary attestation protocol in a computationally constrained sensor is not feasible, and the network reach of a sensor is often limited. In this paper, we present a remote platform attestation protocol suitable for relying parties that are limited to symmetric-key cryptography and a single communication channel. We validate its security with the ProVerif model checker.

AB - Allowing a compromised device to e.g., receive privacy-sensitive sensor readings carries significant privacy risks, but to implement the relying party of a contemporary attestation protocol in a computationally constrained sensor is not feasible, and the network reach of a sensor is often limited. In this paper, we present a remote platform attestation protocol suitable for relying parties that are limited to symmetric-key cryptography and a single communication channel. We validate its security with the ProVerif model checker.

KW - Remote Attestation

KW - Device Security

KW - Model Checking

U2 - 10.5220/0012319300003648

DO - 10.5220/0012319300003648

M3 - Article in proceedings

VL - 1

SP - 701

EP - 708

BT - Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP

PB - SCITEPRESS Digital Library

T2 - 10th International Conference on Information Systems Security and Privacy

Y2 - 26 February 2024 through 28 February 2024

ER -

Attestation with Constrained Relying Party

Abstract

Conference

Keywords

Access to Document

OpenUrl availability

Fingerprint

Cite this