English
Related papers

Related papers: A TOCTOU Attack on DICE Attestation

200 papers

Internet-of-Things (IoT) devices are increasingly common in both consumer and industrial settings, often performing safety-critical functions. Although securing these devices is vital, manufacturers typically neglect security issues or…

Cryptography and Security · Computer Science 2025-02-13 Pavel Frolikov , Youngil Kim , Renascence Tarafder Prapty , Gene Tsudik

Internet of Things (IoT) devices and applications can have significant vulnerabilities, which may be exploited by adversaries to cause considerable harm. An important approach for mitigating this threat is remote attestation, which enables…

Cryptography and Security · Computer Science 2021-09-28 Shanto Roy , Salah Uddin Kadir , Yevgeniy Vorobeychik , Aron Laszka

The growing pervasiveness of Internet of Things (IoT) expands the attack surface by connecting more and more attractive attack targets, i.e. embedded devices, to the Internet. One key component in securing these devices is software…

Cryptography and Security · Computer Science 2018-11-20 Mahmoud Ammar , Mahdi Washha , Bruno Crispo

Verifying integrity of software execution in low-end micro-controller units (MCUs) is a well-known open problem. The central challenge is how to securely detect software exploits with minimal overhead, since these MCUs are designed for low…

Cryptography and Security · Computer Science 2021-03-25 Ivan De Oliveira Nunes , Sashidhar Jakkamsetti , Gene Tsudik

Remote attestation is a crucial security service particularly relevant to increasingly popular IoT (and other embedded) devices. It allows a trusted party (verifier) to learn the state of a remote, and potentially malware-infected, device…

Cryptography and Security · Computer Science 2016-08-18 Tigist Abera , N. Asokan , Lucas Davi , Jan-Erik Ekberg , Thomas Nyman , Andrew Paverd , Ahmad-Reza Sadeghi , Gene Tsudik

We propose Remote Attestation with TOCTOU Avoidance (RATA): a provably secure approach to address the RA TOCTOU problem. With RATA, even malware that erases itself before execution of the next RA, can not hide its ephemeral presence. RATA…

Cryptography and Security · Computer Science 2021-04-19 Ivan De Oliveira Nunes , Sashidhar Jakkamsetti , Norrathep Rattanavipanon , Gene Tsudik

With the rapidly evolving next-generation systems-of-systems, we face new security, resilience, and operational assurance challenges. In the face of the increasing attack landscape, it is necessary to cater to efficient mechanisms to verify…

Cryptography and Security · Computer Science 2021-07-13 Heini Bergsson Debes , Thanassis Giannetsos , Ioannis Krontiris

The proliferation of consumer IoT products in our daily lives has raised the need for secure device authentication and access control. Unfortunately, these resource-constrained devices typically use token-based authentication, which is…

Cryptography and Security · Computer Science 2024-03-25 Yue Xiao , Yi He , Xiaoli Zhang , Qian Wang , Renjie Xie , Kun Sun , Ke Xu , Qi Li

Remote attestation is a security technique through which a remote trusted party (i.e., Verifier) checks the trustworthiness of a potentially untrusted device (i.e., Prover). In the Internet of Things (IoT) systems, the existing remote…

Cryptography and Security · Computer Science 2020-11-20 Mauro Conti , Edlira Dushku , Luigi V. Mancini

The Internet of Things (IoT) is increasingly intertwined with critical industrial processes, yet contemporary IoT devices offer limited security features, creating a large new attack surface. Remote attestation is a well-known technique to…

Cryptography and Security · Computer Science 2018-11-20 Mahmoud Ammar , Mahdi Washha , Gowri Sankar Ramachandran , Bruno Crispo

The Internet of Things (IoT) is an emerging paradigm that allows to set large networks of small and independent devices. To ensure their integrity, practitioners employ so-called Remote Attestation (RA) schemes. Classic RA schemes require a…

Cryptography and Security · Computer Science 2019-12-13 Alessandro Visintin , Flavio Toffalini , Mauro Conti , Jianying Zhou

The Internet of Things (IoT) is a network of billions of interconnected, primarily low-end embedded devices. Despite large-scale deployment, studies have highlighted critical security concerns in IoT networks, many of which stem from…

Cryptography and Security · Computer Science 2024-08-13 Varun Kohli , Bhavya Kohli , Muhammad Naveed Aman , Biplab Sikdar

Industrial IoT (IIoT) aims to enhance services provided by various industries such as manufacturing and product processing. IIoT suffers from various challenges and security is one of the key challenge among those challenges. Authentication…

Cryptography and Security · Computer Science 2022-07-28 Chintan Patela , Ali Kashif Bashirb , Ahmad Ali AlZubic , Rutvij H Jhaveri

Internet-of-Things (IoT) devices are vulnerable to malware and require new mitigation techniques due to their limited resources. To that end, previous research has used periodic Remote Attestation (RA) or Traffic Analysis (TA) to detect…

Cryptography and Security · Computer Science 2025-02-24 Renascence Tarafder Prapty , Rahmadi Trimananda , Sashidhar Jakkamsetti , Gene Tsudik , Athina Markopoulou

Remote attestation is one of the ways to verify the state of an untrusted device. Earlier research has attempted remote verification of a devices' state using hardware, software, or hybrid approaches. Majority of them have used Attestation…

Cryptography and Security · Computer Science 2021-01-19 Avani Dave , Monty Wiseman , David Safford

Microcontroller-based embedded devices are at the core of Internet-of-Things and Cyber-Physical Systems. The security of these devices is of paramount importance. Among the approaches to securing embedded devices, dynamic firmware analysis…

Cryptography and Security · Computer Science 2021-01-18 Alejandro Mera , Bo Feng , Long Lu , Engin Kirda

IoT devices are increasingly deployed in daily life. Many of these devices are, however, vulnerable due to insecure design, implementation, and configuration. As a result, many networks already have vulnerable IoT devices that are easy to…

Cryptography and Security · Computer Science 2019-05-13 Thien Duc Nguyen , Samuel Marchal , Markus Miettinen , Hossein Fereidooni , N. Asokan , Ahmad-Reza Sadeghi

Attestation is a strong tool to verify the integrity of an untrusted system. However, in recent years, different attacks have appeared that are able to mislead the attestation process with treacherous practices as memory copy, proxy, and…

Cryptography and Security · Computer Science 2021-10-05 Ignacio M. Delgado-Lozano , Macarena C. Martínez-Rodríguez , Alexandros Bakas , Billy Bob Brumley , Antonis Michalas

Hardware-secured remote attestation is essential to establishing trust in the integrity of confidential virtual machines (cVMs), but is difficult to use in practice because verifying attestation evidence requires the use of…

Cryptography and Security · Computer Science 2026-05-01 Parsa Sadri Sinaki , Zainab Ahmad , Wentao Xie , Merlijn Sebrechts , Jimmy Kjällman , Lachlan J. Gunn

Remote attestation (RA) is a popular means of detecting malware in embedded and IoT devices. RA is usually realized as an interactive protocol, whereby a trusted party -- verifier -- measures integrity of a potentially compromised remote…

Cryptography and Security · Computer Science 2017-07-31 Xavier Carpent , Norrathep Rattanavipanon , Gene Tsudik
‹ Prev 1 2 3 10 Next ›