Towards Remotely Verifiable Software Integrity in Resource-Constrained IoT Devices

Ivan De Oliveira Nunes,Sashidhar Jakkamsetti,Norrathep Rattanavipanon,Gene Tsudik
2024-01-11
Abstract: Lower-end IoT devices typically have strict cost constraints that rule out usual security mechanisms available in general-purpose computers or higher-end devices. To secure low-end devices, various low-cost security architectures have been proposed for remote verification of their software state via integrity proofs. These proofs vary in terms of expressiveness, with simpler ones confirming correct binary presence, while more expressive ones support verification of arbitrary code execution. This article provides a holistic and systematic treatment of this family of architectures. It also compares (qualitatively and quantitatively) the types of software integrity proofs, respective architectural support, and associated costs. Finally, we outline some research directions and emerging challenges.
Cryptography and Security
What problem does this paper attempt to address?
The problem this paper addresses is how to achieve remotely verifiable software integrity in resource-constrained Internet of Things (IoT) devices. Because of cost limitations, such devices usually cannot use the conventional security mechanisms found in general-purpose computers or higher-end devices. The paper therefore presents a family of low-overhead security architectures that aim to remotely verify the software state of these low-end devices through integrity proofs.

### Main Problem Decomposition

1. **How to prove that the MCU currently has the correct software/firmware binary installed?**
   - Through Remote Attestation (RA), ensure that the software on the device has not been tampered with.
2. **How to extend this proof to include historical context?**
   - That is, how to determine when the expected software was first installed on the device.
3. **After receiving a result from the remote MCU, how to ensure that it was obtained by correct execution of the expected software on the expected device?**
   - Ensure the authenticity of sensor readings or executed commands (Proofs of Execution, PoX).
4. **Can it be verified that instructions were executed in the predetermined, legal order?**
   - Detect and prevent control-flow attacks, which change the execution path of a program without modifying the binary itself (Control-Flow Attestation, CFA).
5. **How to ensure that no (non-control-flow) data attacks occurred during execution?**
   - Detect and prevent data-only attacks, which exploit data vulnerabilities without altering the program's control flow (Data-Flow Attestation, DFA).

### Core Contributions of the Paper

The paper outlines and compares the different types of software integrity proofs, their required architectural support, and their costs, and it proposes future research directions and open challenges, for example:

- **Formal Verification and Provable Security**: Ensure the correctness of hardware and software implementations.
- **Applications in Higher-End Devices**: Extend these techniques to more complex devices.
- **Improve the Efficiency of CFA and DFA**: Reduce code size and runtime overhead.

### Summary

The main objective of the paper is to provide efficient and secure remote verification for resource-constrained IoT devices, ensuring both their software integrity and the correctness of execution. Through techniques such as RA, PoX, CFA, and DFA, the paper shows how this goal can be reached at low cost and points out directions for future research.
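As an added illustration (not code from the paper or from any of the architectures it surveys), the following Python sketches the RA and CFA proofs described above: the verifier challenges the MCU with a fresh nonce, the prover answers with a MAC over the nonce, its whole program memory and a hash of its control-flow log, and the verifier distinguishes a modified binary or replayed report from an authentic binary whose execution took a transfer outside the program's control-flow graph. The firmware image, shared key and control-flow graph are constructed toy values.

```python
import hashlib
import hmac
import os

# Constructed sample values for the demo: a toy "firmware image" standing in for
# the MCU's program memory, and a symmetric attestation key provisioned on the MCU.
REFERENCE_FIRMWARE = bytes(range(256)) * 4
SHARED_KEY = b"constructed-attestation-key-0001"
# Constructed control-flow graph: the only (src, dst) transfers the program may take.
ALLOWED_EDGES = {(0x100, 0x200), (0x200, 0x300), (0x300, 0x104)}


def fresh_nonce() -> bytes:
    """Verifier picks a fresh random challenge so a stale report cannot be replayed."""
    return os.urandom(16)


def cfa_digest(transfers) -> bytes:
    """Fold each (src, dst) control-flow transfer into a running hash: the CFA log digest."""
    h = bytes(32)
    for src, dst in transfers:
        h = hashlib.sha256(h + src.to_bytes(4, "big") + dst.to_bytes(4, "big")).digest()
    return h


def prover_report(key: bytes, nonce: bytes, flash: bytes, transfers):
    """Prover (MCU) side: a MAC over the nonce, the whole program memory and the CFA
    digest. The raw transfer log is returned alongside so the verifier can inspect it."""
    mac = hmac.new(key, nonce + flash + cfa_digest(transfers), hashlib.sha256).digest()
    return mac, list(transfers)


def verify(key: bytes, nonce: bytes, mac: bytes, transfers, expected_flash: bytes,
           allowed_edges) -> str:
    """Verifier side. 'bad-binary-or-log' covers a modified binary, a tampered log or a
    replayed (stale-nonce) report; 'bad-control-flow' means binary and log are authentic
    but the executed path took a transfer the control-flow graph never allows."""
    expected = hmac.new(key, nonce + expected_flash + cfa_digest(transfers),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, mac):
        return "bad-binary-or-log"
    for edge in transfers:
        if edge not in allowed_edges:
            return "bad-control-flow"
    return "ok"
```

The MAC check must come first: the edge check is only meaningful once the log itself is known to be authentic and bound to this nonce.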