Boot Attestation: Secure Remote Reporting with Off-The-Shelf IoT Sensors

  • Steffen Schulz
  • André Schaller
  • Florian Kohnhäuser
  • Stefan Katzenbeisser
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10493)


A major challenge in computer security is establishing the trustworthiness of remote platforms. Remote attestation is the most common approach to this challenge: it allows a remote platform to measure its system state and report it securely to a third party. Unfortunately, existing attestation solutions either provide low security, because they rely on unrealistic assumptions, or are not applicable to commodity low-cost and resource-constrained devices, because they require custom secure hardware extensions that are difficult to adopt across IoT vendors. In this work, we propose a novel remote attestation scheme, named Boot Attestation, that is particularly optimized for low-cost and resource-constrained embedded devices. In Boot Attestation, software integrity measurements are committed to immediately during boot, which relaxes the traditional requirement for secure storage and secure reporting of measurements. Our scheme is very light on cryptographic requirements and storage, allowing efficient implementations even on the most low-end IoT platforms available today. We also describe extensions for more flexible management of ownership and for third-party (public-key) attestation, which may be desired in fully Internet-enabled devices. Our scheme is supported by many existing off-the-shelf devices. To show this, we review the hardware protection capabilities of a number of popular device types and present implementation results for two such commercially available platforms.



This work has been partly funded by the DFG as part of project P3 within the CRC 1119 CROSSING and the LOEWE initiative (Hessen, Germany) within the NICER project. The authors would also like to thank the anonymous reviewers for their valuable comments.



Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Steffen Schulz (1)
  • André Schaller (2)
  • Florian Kohnhäuser (2)
  • Stefan Katzenbeisser (2)

  1. Intel Labs, Darmstadt, Germany
  2. Security Engineering Group, TU Darmstadt, CYSEC, Darmstadt, Germany
