Paper 2021/602

Autonomous Secure Remote Attestation even when all Used and to be Used Digital Keys Leak

Marten van Dijk, Deniz Gurevin, Chenglu Jin, Omer Khan, and Phuong Ha Nguyen


We provide a new remote attestation scheme for secure processor technology, which is secure in the presence of an All Digital State Observing (ADSO) adversary. To accomplish this, we obfuscate session signing keys using a silicon Physical Unclonable Function (PUF) with an extended interface that combines the LPN-PUF concept with a repetition code for small failure probabilities, and we introduce a new signature scheme that only needs a message dependent subset of a session signing key for computing a signature and whose signatures cannot be successfully forged even if one subset per session signing key leaks. Our solution for remote attestation shows that results computed by enclaves can be properly verified even when an ADSO-adversary is present. For $N=2^l$ sessions, implementation results show that signing takes $934.9+0.6\cdot l$ ms and produces a signature of $8.2+0.03\cdot l$ KB, and verification by a remote user takes $118.2+0.4\cdot l$ ms. During initialization, generation of all session keys takes $819.3 \cdot N$ ms and corresponding storage is $3 \cdot 10^{-5} + 0.12 \cdot N$ MB.

Available format(s)
Cryptographic protocols
Publication info
Remote AttestationOne Time SignaturesSecure Processor ArchitecturePhysical Unclonable Function
Contact author(s)
deniz gurevin @ uconn edu
marten van dijk @ cwi nl
chenglu jin @ cwi nl
2021-05-10: received
Short URL
Creative Commons Attribution


      author = {Marten van Dijk and Deniz Gurevin and Chenglu Jin and Omer Khan and Phuong Ha Nguyen},
      title = {Autonomous Secure Remote Attestation even when all Used and to be Used Digital Keys Leak},
      howpublished = {Cryptology ePrint Archive, Paper 2021/602},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.