PERMANENT: Publicly Verifiable Remote Attestation for Internet of Things through Blockchain

Sigurd Frej Joel Jørgensen Ankergård; Edlira Dushku; Nicola Dragoni

doi:10.1007/978-3-031-08147-7_15

PERMANENT: Publicly Verifiable Remote Attestation for Internet of Things through Blockchain

Sigurd Frej Joel Jørgensen Ankergård, Edlira Dushku, Nicola Dragoni

Technical University of Denmark

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

89 Downloads (Pure)

Abstract

Remote Attestation (RA) is a security mechanism that allows a centralized trusted entity (Verifier) to check the trustworthiness of a potentially compromised IoT device (Prover). With the tsunami of interconnected IoT devices, the advancement of swarm RA schemes that efficiently attest large IoT networks has become crucial. Recent swarm RA approaches work towards distributing the attestation verification from a centralized Verifier to many Verifiers. However, the assumption of trusted Verifiers in the swarm is not practical in large networks. In addition, the state-of-the-art RA schemes do not establish network-wide decentralized trust among the interacting devices in the swarm. This paper proposes PERMANENT, a Publicly Verifiable Remote Attestation protocol for Internet of Things through Blockchain, which stores the historical attestation results of all devices in a blockchain and allows each interacting device to obtain the attestation result. PERMANENT enables devices to make a trust decision based on the historical attestation results. This feature allows the interaction among trustworthy devices (or with a trust score over a certain threshold) without the computational overhead of attesting every participating device before each interaction. We validate PERMANENT with a proof-of-concept implementation, using Hyperledger Sawtooth as the underlying blockchain. The conducted experiments confirm the feasibility of the PERMANENT protocol.

Original language	English
Title of host publication	Proceedings of 14^th International Symposium on Foundations & Practice of Security
Publisher	Springer
Publication date	2022
Pages	218–234
ISBN (Print)	978-3-031-08146-0
DOIs	https://doi.org/10.1007/978-3-031-08147-7_15
Publication status	Published - 2022
Event	14th International Symposium on Foundations & Practice of Security - Espace Hamelin, Paris, France Duration: 7 Dec 2021 → 10 Dec 2021 Conference number: 14 https://www.fps-2021.com/

Conference

Conference	14th International Symposium on Foundations & Practice of Security
Number	14
Location	Espace Hamelin
Country/Territory	France
City	Paris
Period	07/12/2021 → 10/12/2021
Internet address	https://www.fps-2021.com/

Series	Lecture Notes in Computer Science
Volume	13291
ISSN	0302-9743

Keywords

Remote attestation
Internet of Things
Blockchain
Public verifiability

Access to Document

10.1007/978-3-031-08147-7_15

FulltextAccepted author manuscript, 431 KB

OpenUrl availability

Full text

Cite this

@inproceedings{84418c008fd8443a851f324bb0b2466c,

title = "PERMANENT: Publicly Verifiable Remote Attestation for Internet of Things through Blockchain",

abstract = "Remote Attestation (RA) is a security mechanism that allows a centralized trusted entity (Verifier) to check the trustworthiness of a potentially compromised IoT device (Prover). With the tsunami of interconnected IoT devices, the advancement of swarm RA schemes that efficiently attest large IoT networks has become crucial. Recent swarm RA approaches work towards distributing the attestation verification from a centralized Verifier to many Verifiers. However, the assumption of trusted Verifiers in the swarm is not practical in large networks. In addition, the state-of-the-art RA schemes do not establish network-wide decentralized trust among the interacting devices in the swarm. This paper proposes PERMANENT, a Publicly Verifiable Remote Attestation protocol for Internet of Things through Blockchain, which stores the historical attestation results of all devices in a blockchain and allows each interacting device to obtain the attestation result. PERMANENT enables devices to make a trust decision based on the historical attestation results. This feature allows the interaction among trustworthy devices (or with a trust score over a certain threshold) without the computational overhead of attesting every participating device before each interaction. We validate PERMANENT with a proof-of-concept implementation, using Hyperledger Sawtooth as the underlying blockchain. The conducted experiments confirm the feasibility of the PERMANENT protocol. ",

keywords = "Remote attestation, Internet of Things, Blockchain, Public verifiability",

author = "Ankerg{\aa}rd, {Sigurd Frej Joel J{\o}rgensen} and Edlira Dushku and Nicola Dragoni",

year = "2022",

doi = "10.1007/978-3-031-08147-7_15",

language = "English",

isbn = "978-3-031-08146-0",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "218–234",

booktitle = "Proceedings of 14th International Symposium on Foundations & Practice of Security",

note = "14th International Symposium on Foundations & Practice of Security, FPS 2021 ; Conference date: 07-12-2021 Through 10-12-2021",

url = "https://www.fps-2021.com/",

}

Ankergård, SFJJ, Dushku, E & Dragoni, N 2022, PERMANENT: Publicly Verifiable Remote Attestation for Internet of Things through Blockchain. in Proceedings of 14^th International Symposium on Foundations & Practice of Security. Springer, Lecture Notes in Computer Science, vol. 13291, pp. 218–234, 14th International Symposium on Foundations & Practice of Security, Paris, France, 07/12/2021. https://doi.org/10.1007/978-3-031-08147-7_15

PERMANENT: Publicly Verifiable Remote Attestation for Internet of Things through Blockchain. / Ankergård, Sigurd Frej Joel Jørgensen; Dushku, Edlira; Dragoni, Nicola.
Proceedings of 14^th International Symposium on Foundations & Practice of Security. Springer, 2022. p. 218–234 (Lecture Notes in Computer Science, Vol. 13291).

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

TY - GEN

T1 - PERMANENT: Publicly Verifiable Remote Attestation for Internet of Things through Blockchain

AU - Ankergård, Sigurd Frej Joel Jørgensen

AU - Dushku, Edlira

AU - Dragoni, Nicola

N1 - Conference code: 14

PY - 2022

Y1 - 2022

N2 - Remote Attestation (RA) is a security mechanism that allows a centralized trusted entity (Verifier) to check the trustworthiness of a potentially compromised IoT device (Prover). With the tsunami of interconnected IoT devices, the advancement of swarm RA schemes that efficiently attest large IoT networks has become crucial. Recent swarm RA approaches work towards distributing the attestation verification from a centralized Verifier to many Verifiers. However, the assumption of trusted Verifiers in the swarm is not practical in large networks. In addition, the state-of-the-art RA schemes do not establish network-wide decentralized trust among the interacting devices in the swarm. This paper proposes PERMANENT, a Publicly Verifiable Remote Attestation protocol for Internet of Things through Blockchain, which stores the historical attestation results of all devices in a blockchain and allows each interacting device to obtain the attestation result. PERMANENT enables devices to make a trust decision based on the historical attestation results. This feature allows the interaction among trustworthy devices (or with a trust score over a certain threshold) without the computational overhead of attesting every participating device before each interaction. We validate PERMANENT with a proof-of-concept implementation, using Hyperledger Sawtooth as the underlying blockchain. The conducted experiments confirm the feasibility of the PERMANENT protocol.

AB - Remote Attestation (RA) is a security mechanism that allows a centralized trusted entity (Verifier) to check the trustworthiness of a potentially compromised IoT device (Prover). With the tsunami of interconnected IoT devices, the advancement of swarm RA schemes that efficiently attest large IoT networks has become crucial. Recent swarm RA approaches work towards distributing the attestation verification from a centralized Verifier to many Verifiers. However, the assumption of trusted Verifiers in the swarm is not practical in large networks. In addition, the state-of-the-art RA schemes do not establish network-wide decentralized trust among the interacting devices in the swarm. This paper proposes PERMANENT, a Publicly Verifiable Remote Attestation protocol for Internet of Things through Blockchain, which stores the historical attestation results of all devices in a blockchain and allows each interacting device to obtain the attestation result. PERMANENT enables devices to make a trust decision based on the historical attestation results. This feature allows the interaction among trustworthy devices (or with a trust score over a certain threshold) without the computational overhead of attesting every participating device before each interaction. We validate PERMANENT with a proof-of-concept implementation, using Hyperledger Sawtooth as the underlying blockchain. The conducted experiments confirm the feasibility of the PERMANENT protocol.

KW - Remote attestation

KW - Internet of Things

KW - Blockchain

KW - Public verifiability

U2 - 10.1007/978-3-031-08147-7_15

DO - 10.1007/978-3-031-08147-7_15

M3 - Article in proceedings

SN - 978-3-031-08146-0

T3 - Lecture Notes in Computer Science

SP - 218

EP - 234

BT - Proceedings of 14th International Symposium on Foundations & Practice of Security

PB - Springer

T2 - 14th International Symposium on Foundations & Practice of Security

Y2 - 7 December 2021 through 10 December 2021

ER -

PERMANENT: Publicly Verifiable Remote Attestation for Internet of Things through Blockchain

Abstract

Conference

Keywords

Access to Document

OpenUrl availability

Fingerprint

Cite this