Paper 2010/217
Secure Code Update for Embedded Devices via Proofs of Secure Erasure
Daniele Perito and Gene Tsudik
Abstract
Remote attestation is the process of verifying the internal state of a remote embedded device. It is an important component of many security protocols and applications. Although techniques assisted by specialized secure hardware are effective, they are not yet viable for low-cost embedded devices. One notable alternative is software-based attestation, which is both less costly and more efficient. However, recent results identified weaknesses in some proposed methods, thus showing that security of remote software attestation remains a challenge. Inspired by these developments, this paper explores a different approach that relies neither on secure hardware nor on tight timing constraints. By taking advantage of the bounded memory/storage model of low-cost embedded devices and assuming a small amount of read-only memory (ROM), our approach uses a new primitive -- Proofs of Secure Erasure (PoSE-s). We show that, even though our PoSE-based approach is effective and provably secure, it is not cheap. However, it is particularly well-suited and practical for two other related tasks: secure code update and secure memory/storage erasure. We consider several flavors of PoSE-based protocols and demonstrate their feasibility in the context of existing commodity embedded devices.
Metadata
- Category: Applications
- Publication info: Published elsewhere. Unknown where it was published
- Keywords: smart cards
- Contact author(s): perito @ inrialpes fr
- History
  - 2010-07-30: revised
  - 2010-04-19: received
- Short URL: https://ia.cr/2010/217
- License: CC BY
BibTeX
@misc{cryptoeprint:2010/217,
  author = {Daniele Perito and Gene Tsudik},
  title = {Secure Code Update for Embedded Devices via Proofs of Secure Erasure},
  howpublished = {Cryptology {ePrint} Archive, Paper 2010/217},
  year = {2010},
  url = {https://eprint.iacr.org/2010/217}
}