Abstract: Remote attestation is a security service that is typically realized by an interactive challenge-response protocol that allows a trusted verifier to capture the state of a potentially untrusted remote device. However, existing attestation schemes are vulnerable to Denial of Service (DoS) attacks, which can be carried out by swamping the targeted device with fake attestation requests. In this paper, we propose SeED, the first non-interactive attestation protocol that mitigates DoS attacks and is highly efficient. Designing such a protocol is not straightforward, since it relies on a potentially malicious prover to trigger the attestation process. We investigate the related challenges and subtleties and describe how to address them with minimal assumptions. As evaluation results show, our non-interactive attestation protocol is particularly suitable for resource-constrained embedded devices, since it is highly efficient in terms of power consumption and communication.