Paper 2024/1232

Efficient and Privacy-Preserving Collective Remote Attestation for NFV

Ghada Arfaoui, Orange (France)
Thibaut Jacques, Orange (France), University of Limoges
Cristina Onete, University of Limoges
Abstract

The virtualization of network functions is a promising technology, which can enable mobile network operators to provide more flexibility and better resilience for their infrastructure and services. Yet, virtualization comes with challenges, as 5G operators will require a means of verifying the state of the virtualized network components (e.g. Virtualized Network Functions (VNFs) or managing hypervisors) in order to fulfill security and privacy commitments. One such means is the use of attestation protocols. In this paper, we focus on Collective Remote Attestation (cRA), which is used to attest the state of a group of devices. Although cRA has been extensively studied in the context of IoT, it has not been used yet in virtualized mobile networks, a different use-case, with constraints of its own. In this paper, we propose the first protocol to efficiently and securely attest a group of Virtualized Network Functions which make up a VNF Forwarding Graph. Our protocol comes with strong and provable guarantees of: unforgeability of attestation, the linkability of attestations for related components, and the privacy of sensitive configuration details for the infrastructure provider. In particular, we are the first to formally define and analyze such properties for VNF-FG attestation. Finally, through our Proof-of-Concept implementation, we show that our construction is not only strongly secure, but also efficient.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
Collective Remote AttestationTelco NetworksNFVMulti-TenantPrivacy
Contact author(s)
ghada arfaoui @ orange com
thibaut jacques @ orange com
cristina onete @ gmail com
History
2024-08-05: approved
2024-08-02: received
See all versions
Short URL
https://ia.cr/2024/1232
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/1232,
      author = {Ghada Arfaoui and Thibaut Jacques and Cristina Onete},
      title = {Efficient and Privacy-Preserving Collective Remote Attestation for {NFV}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1232},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1232}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.