PROVE: Provable remote attestation for public verifiability

The expanding attack surface of Internet of Things (IoT) systems calls for innovative security approaches to verify the reliability of IoT devices. To this end, Remote Attestation (RA) serves as a key mechanism that remotely detects the presence of malware in IoT devices. Typically, RA allows a centralized trusted Verifier to retrieve reliable evidence about the software integrity of an untrusted Prover. Existing RA schemes generally rely on the assumption that the Verifier and the Prover know each other and have pre-shared cryptographic keys during the bootstrap phase. However, these assumptions are not realistic to employ over commonly used event-driven IoT networks, in which the interacting parties do not know each other and do not communicate directly. This paper proposes PROVE, a novel protocol that allows many Verifiers to attest one or more Provers without pre-shared key material and without using public-key cryptography which is often not suitable for resource-constraint IoT devices. In particular, PROVE considers a realistic IoT system where devices adopt the publish/subscribe communication paradigm. In PROVE, the subscribers act as untrusted Verifiers and attest not only the firmware integrity of the publishers that act as untrusted Provers but also the authenticity of the received data originated from these publishers. We simulate PROVE on the Contiki emulator and demonstrate the scalability of the solution. We also validate PROVE through two hardware proof-of-concept implementations: PROVE and PROVE+, which rely on different cryptographic cores. The results show that a complete execution of the protocol takes 4605 ns and 324 ns for PROVE and PROVE+, respectively.