Paper 2024/1068

From Interaction to Independence: zkSNARKs for Transparent and Non-Interactive Remote Attestation

Shahriar Ebrahimi, IDEAS NCBR
Parisa Hassanizadeh, Polish Academy of Sciences, IDEAS NCBR
Abstract

Remote attestation (RA) protocols have been widely used to evaluate the integrity of software on remote devices. Currently, the state-of-the-art RA protocols lack a crucial feature: transparency. This means that the details of the final attestation verification are not openly accessible or verifiable by the public. Furthermore, the interactivity of these protocols often limits attestation to trusted parties who possess privileged access to confidential device data, such as pre-shared keys and initial measurements. These constraints impede the widespread adoption of these protocols in various applications. In this paper, we introduce zRA, a non-interactive, transparent, and publicly provable RA protocol based on zkSNARKs. zRA enables verification of device attestations without the need for pre-shared keys or access to confidential data, ensuring a trustless and open attestation process. This eliminates the reliance on online services or secure storage on the verifier side. Moreover, zRA does not impose any additional security assumptions beyond the fundamental cryptographic schemes and the essential trust anchor components on the prover side (i.e., ROM and MPU). The zero-knowledge attestation proofs generated by devices have constant size regardless of the network complexity and number of attestations. Moreover, these proofs do not reveal sensitive information regarding internal states of the device, allowing verification by anyone in a public and auditable manner. We conduct an extensive security analysis and demonstrate scalability of zRA compared to prior work. Our analysis suggests that zRA excels especially in peer-to-peer and Pub/Sub network structures. To validate the practicality, we implement an open-source prototype of zRA using the Circom language. We show that zRA can be securely deployed on public permissionless blockchains, serving as an archival platform for attestation data to achieve resilience against DoS attacks.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. Network and Distributed System Security (NDSS) Symposium 2024
DOI
10.14722/ndss.2024.24815
Keywords
IoTRemote AttestationzkSNARKsZero-Knowledge Proofs (ZKP)
Contact author(s)
shahriar ebrahimi @ ideas-ncbr pl
parisa hassanizadeh @ ideas-ncbr pl
History
2024-07-02: approved
2024-07-01: received
See all versions
Short URL
https://ia.cr/2024/1068
License
Creative Commons Attribution-NonCommercial
CC BY-NC

BibTeX 

@misc{cryptoeprint:2024/1068,
      author = {Shahriar Ebrahimi and Parisa Hassanizadeh},
      title = {From Interaction to Independence: {zkSNARKs} for Transparent and Non-Interactive Remote Attestation},
      howpublished = {Cryptology ePrint Archive, Paper 2024/1068},
      year = {2024},
      doi = {10.14722/ndss.2024.24815},
      note = {\url{https://eprint.iacr.org/2024/1068}},
      url = {https://eprint.iacr.org/2024/1068}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.