Skip to main content
SpringerLink
Log in

Intrinsic Code Attestation by Instruction Chaining for Embedded Devices

  • Conference paper
Security and Privacy in Communication Networks (SecureComm 2015)

Abstract

In this paper we present a novel approach to ensure that no malicious code can be executed on resource constraint devices such as sensor nodes or embedded devices. The core idea is to encrypt the code and to decrypt it after reading it from the memory. Thus, if the code is not encrypted with the correct key it cannot be executed due the incorrect result of the decryption operation. A side effect of this is that the code is protected from being copied. In addition we propose to bind instructions to their predecessors by cryptographic approaches. This helps us to prevent attacks that reorder authorized code such as return-oriented programming attacks. We present a thorough security analysis of our approach as well as simulation results that prove the feasibility of our approach. The performance penalty as well as the area penalty depend mainly on the cipher algorithm used. The former can be as small as a single clock cycle if Prince a latency optimized block cipher is used, while the area overhead is 45 per cent for a commodity micro controller unit (MCU).

The research leading to these results has received funding from the Federal Ministry of Education and Research (BMBF) under grant agreement No. 16 KIS0004.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Running Leon2 on the Altera Nios Development Board, Cyclone Edition

    Google Scholar 

  2. Abadi, M., Budiu, M., Erlingsson, Ú., Ligatti, J.: Control-flow integrity. In: ACM Conference on Computer and Communication Security (CCS), number MSR-TR-2005-18, Alexandria, VA, pp. 340–353, November 2005

    Google Scholar 

  3. Abadi, M., Budiu, M., Erlingsson, Ú., Ligatti, J.: A theory of secure control flow. In: Lau, K.-K., Banach, R. (eds.) ICFEM 2005. LNCS, vol. 3785, pp. 111–124. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  4. Arbaugh, W.A., Farber, D.J., Smith, J.M.: A secure and reliable bootstrap architecture. In: Proceedings of the IEEE Symposium on Security and Privacy, SP 1997, pp. 65. IEEE Computer Society, Washington, DC (1997)

    Google Scholar 

  5. Best, R.M.: Microprocessor for executing enciphered programs (1979)

    Google Scholar 

  6. Best, R.M.: Crypto microprocessor for executing enciphered programs (1981)

    Google Scholar 

  7. Best, R.M.: Crypto microprocessor that executes enciphered programs (2004)

    Google Scholar 

  8. Borghoff, J., et al.: PRINCE - a low-latency block cipher for pervasive computing applications - extended abstract. In: Wang, X., Sako, K. (eds.) Advances in Cryptology – ASIACRYPT 2012. LNCS, vol. 7658, pp. 208–225. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  9. Candelore, B., Sprunk, E.: Secure processor with external memory using block chaining and block re-ordering (2000)

    Google Scholar 

  10. Castelluccia, C., Francillon, A., Perito, D., Soriente, C.: On the difficulty of software-based attestation of embedded devices. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS 2009, pp. 400–409. ACM, New York (2009)

    Google Scholar 

  11. Chen, L., Landfermann, R., Löhr, H., Rohe, M., Sadeghi, A.-R., Stüble, C.: A protocol for property-based attestation. In: Proceedings of the First ACM Workshop on Scalable Trusted Computing, STC 2006. ACM, New York (2006)

    Google Scholar 

  12. Chen, X. Dick, R.P., Choudhary, A.: Operating system controlled processor-memory bus encryption. In: Proceedings of the Conference on Design, Automation and Test in Europe, DATE 2008, pp. 1154–1159. ACM, New York (2008)

    Google Scholar 

  13. Deng, J., Han, R., Mishra, S.: Secure code distribution in dynamically programmable wireless sensor networks. In: Proceedings of the 5th International Conference on Information Processing in Sensor Networks, IPSN 2006, pp. 292–300. ACM, New York (2006)

    Google Scholar 

  14. Elbaz, R., Torres, L., Sassatelli, G., Guillemin, P., Anguille, C., Bardouillet, M., Buatois, C., Rigaud, J.B.: Hardware engines for bus encryption: a survey of existing techniques. IEEE (2005)

    Google Scholar 

  15. Eldefrawy, K., Francillon, A., Perito, D., Tsudik, G.: SMART: secure and minimal architecture for (establishing a dynamic) root of trust. In: Proceedings of 19th Annual Network and Distributed System Security Symposium, NDSS 2012, San Diego, CA, USA, February 2012

    Google Scholar 

  16. Eriksson, J., Dunkels, A., Finne, N., Österlind, F., Voigt, T., Tsiftes, N.: Demo abstract: MSPsim - an extensible simulator for MSP430-equipped sensor boards. In: Proceedings of the 5th European Conference on Wireless Sensor Networks (EWSN 2008), Bologna, Italy, January 2008

    Google Scholar 

  17. Francillon, A., Castelluccia, C.: Code injection attacks on harvard-architecture devices. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, CCS 2008, pp. 15–26. ACM, New York (2008)

    Google Scholar 

  18. Francillon, A., Perito, D., Castelluccia, C.: Defending embedded systems against control flow attacks. In: Proceedings of the First ACM Workshop on Secure Execution of Untrusted Code, SecuCode 2009, pp. 19–26. ACM, New York (2009)

    Google Scholar 

  19. Gilmont, T., Legat, J.-D., Quisquater, J.-J.: Enhancing security in the memory management unit. In: Proceedings of the 25th EUROMICRO Conference, vol. 1, pp. 449–456. IEEE Computer Society (1999)

    Google Scholar 

  20. Girard, O.: openMSP:: Overview (2014)

    Google Scholar 

  21. Holcomb, D.E., Burleson, W.P., Fu, K.: Power-up sram state as an identifying fingerprint and source of true random numbers. IEEE Trans. Comput. 58(9), 1198–1210 (2009)

    Article  MathSciNet  Google Scholar 

  22. Kil, C., Sezer, E., Azab, A., Ning, P., Zhang, X.: Remote attestation to dynamic system properties: towards providing complete system integrity evidence. In: IEEE/IFIP International Conference on Dependable Systems Networks, DSN 2009, pp. 115–124, June 2009

    Google Scholar 

  23. Krauß, C., Stumpf, F., Eckert, C.: Detecting node compromise in hybrid wireless sensor networks using attestation techniques. In: Stajano, F., Meadows, C., Capkun, S., Moore, T. (eds.) ESAS 2007. LNCS, vol. 4572, pp. 203–217. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  24. Kuhn, M.G.: Instruction search attack on the bus-encryption security microcontroller ds5002fp. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 47, 1153–1157 (1998)

    Google Scholar 

  25. Lattner, C., Adve, V.: LLVM: a compilation framework for lifelong program analysis and transformation. In: Proceedings of the International Symposium on Code Generation and Optimization: Feedback-directed and Runtime Optimization, CGO 2004, p. 75. IEEE Computer Society, Washington, DC (2004)

    Google Scholar 

  26. Lie, D.: Architectural support for copy and tamper resistant software. Architectural Support for Programming Languages and Operating Systems, November 2000

    Google Scholar 

  27. Oh, N., Shirvani, P.P., McCluskey, E.J.: Control-flow checking by software signatures. IEEE Transactions on Reliability 51(1), 111–122 (2002)

    Article  Google Scholar 

  28. Panic, G., Basmer, T., Schrape, O., Peter, S., Vater, F., Tittelbach-Helmrich, K.: Sensor node processor for security applications. In: Proceedings of 18th IEEE International Conference on Electronics, Circuits and Systems, ICECS 2011, Beirut, Lebanon, pp. 81–84, December 2011

    Google Scholar 

  29. Park, T., Shin, K.G.: Soft tamper-proofing via program integrity verification in wireless sensor networks. IEEE Trans. on Mobile Computing 4(3), May 2005

    Google Scholar 

  30. Perito, D., Tsudik, G.: Secure code update for embedded devices via proofs of secure erasure. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 643–662. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  31. Reis, G.A., Chang, J., Vachharajani, N., Rangan, R., August, D.I.: Swift: software implemented fault tolerance. In: Proceedings of the International Symposium on Code Generation and Optimization, CGO 2005, pp. 243–254. IEEE Computer Society, Washington, DC (2005)

    Google Scholar 

  32. Seshadri, A., Perrig, A., Doorn, L.V., Khosla, P.: SWATT: SoftWare-based ATTestation for embedded devices. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, USA (2004)

    Google Scholar 

  33. Shacham, H.: The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86). In: Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS 2007, New York, NY, USA (2007)

    Google Scholar 

  34. Shacham, H., Page, M., Pfaff, B., Goh, E.-J., Modadugu, N., Boneh, D.: On the effectiveness of address-space randomization. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, CCS 2004, pp. 298–307. ACM, New York (2004)

    Google Scholar 

  35. Spinellis, D.: Reflection as a mechanism for software integrity verification. ACM Trans. Inf. Syst. Secur. 3(1), 51–62 (2000)

    Article  Google Scholar 

  36. Stecklina, O., Methfessel, M.: A tiny scale VLIW processor for real-time constrained embedded control tasks. In: Proceedings of the 17th Euromicro Conference on Digital Systems Design, DSD 2014, Verona, Italy, August 2014

    Google Scholar 

  37. Suh, G.E., O‘Donnell, C.W., Sachdev, I., Devadas, S.: Design and implementation of the aegis singlechip secure processor using physical random functions. Technical report, MIT CSAIL, November 2004

    Google Scholar 

  38. Texas Instruments, Dallas, TX, USA. MSP430 Programming via the bootstrap loader (BSL), slau319l edition, September 2014

    Google Scholar 

  39. Urban, R., Schölzel, M., Vierhaus, H.T.: Entwicklungsumgebung fr den compilerzentrierten Mikroprozessorentwurf (CoMet). In: Tagungsband Dresdner Arbeitstagung Schaltungs- und Systementwurf, DASS 2014. Fraunhofer Verlag (2014)

    Google Scholar 

  40. Usselmann, R.: AES (Rijndael) IP Core:: Overview (2013)

    Google Scholar 

  41. Vater, F., Langendörfer, P.: An Area Efficient Realisation of AES for Wireless Devices. it - Information Technology 49, 188–193 (2007)

    Article  Google Scholar 

  42. Venkatasubramanian, R., Hayes, J., Murray, B.: Low-cost on-line fault detection using control flow assertions. In: Proceedings of the 9th IEEE Conference on On-Line Testing Symposium, IOLTS 2003, pp. 137–143, July 2003

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. IHP, Im Technologiepark 25, 15236, Frankfurt (oder), Germany

    Oliver Stecklina, Peter Langendörfer & Frank Vater

  2. Horst Görtz Institute for IT-Security (HGI), Ruhr-University Bochum, Bochum, Germany

    Thorsten Kranz & Gregor Leander

Authors
  1. Oliver Stecklina
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Peter Langendörfer
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Frank Vater
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Thorsten Kranz
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Gregor Leander
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Oliver Stecklina .

Editor information

Editors and Affiliations

  1. The University of Texas at Dallas, Richardson, Texas, USA

    Bhavani Thuraisingham

  2. Indiana University at Bloomington, Bloomington, Indiana, USA

    XiaoFeng Wang

  3. SRI International, Menlo Park, California, USA

    Vinod Yegneswaran

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Stecklina, O., Langendörfer, P., Vater, F., Kranz, T., Leander, G. (2015). Intrinsic Code Attestation by Instruction Chaining for Embedded Devices. In: Thuraisingham, B., Wang, X., Yegneswaran, V. (eds) Security and Privacy in Communication Networks. SecureComm 2015. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 164. Springer, Cham. https://doi.org/10.1007/978-3-319-28865-9_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-28865-9_6

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-28864-2

  • Online ISBN: 978-3-319-28865-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation