A lightweight remote attestation using PUFs and hash-based signatures for low-end IoT devices

Abstract

Remote attestation is a powerful mechanism that allows a verifier to know if the hardware of an IoT (Internet-of-Thing) device (acting as a prover) has been counterfeited or tampered with and if its firmware has been altered. Remote attestation is based on collecting and reporting measurements in a trusted way, and should be lightweight for resource-constrained IoT devices. This work proposes to include a low-cost Root of Trust for Measuring and Reporting (RoTMR) in the prover, based on the combination of a Physically Unclonable Function (PUF) and an Attestation Read-Only Memory (A-ROM), and to use hash-based digital signatures in the attestation protocol. The proposed RoTMR is addressed to IoT devices based on a microcontroller that executes some application code (the measurable object) located in an external non-volatile memory accessible by an attacker. The secret keys required by the digital signatures are not stored but reconstructed using the PUF. The A-ROM contains the attestation instructions and ensures that its contents cannot be altered and that its instructions are executed sequentially without modification. The use of hash-based digital signatures makes the solution quantum-resistant and very robust because its security relies solely on the unidirectionality of a hash function. The proposed attestation protocol takes advantage of the fact that One-Time Signature (OTS) generation and Many-Time Signature (MTS) verification are very well suited for low-end devices, and the MTS scheme is suitable for the verifier application context. The proposal was validated experimentally with the ESP32 microcontroller, which is widely employed in IoT devices, by using its SRAM as PUF and implementing WOTS+, which is a type of Winternitz One-Time Signature scheme (WOTS), the One-Time Signature of Smart Digital Signatures scheme (SDS-OTS), and the MTS schemes constructed with them. The OTS schemes require smaller codes and thus smaller A-ROM than MTS and ECDSA (Elliptic Curve Digital Signature Algorithm). The code of one of the WOTS+ takes about 4 times less space than ECDSA. In terms of execution times, the OTS schemes are very fast. One of the WOTS+ performs all the signature operations in a few tens of milliseconds. The OTS schemes (especially the SDS-OTS) are also very efficient in terms of communication bandwidth because they use small signatures compared to other post-quantum solutions.