Design and Implementation of Hardware-Based Remote Attestation for a Secure Internet of Things

Abstract

In general, Internet of Things (IoT) devices collect status information or operate according to control commands from other devices. If the safety and reliability of externally accessed devices are compromised, the risk of exposure of internally collected privacy information or abnormal operation of internal devices increases. This paper proposes a method of building a safe smart home environment by pre-blocking devices that may cause a risk by performing mutual safety verification between devices prior to data transmission and reception through the Session Initiation Protocol (SIP) of the home network. Using a Samsung’s commercial smartphone, not a development board to implement the device’s own verification function, and using an open source application and a SIP server providing free service, we established a test environment that is practically applicable and proved the feasibility of the attestation operation of the device. As a result of an operation test involving the capturing of packet data on a communication channel between two devices, it was confirmed that the transmission of parameter data for the actual attestation in SIP/Session Description Protocol packets succeeded without any problems. It was also confirmed that the final verification result of the target device was correctly derived. With the proposed method, it is possible to establish a safe trust relationship between smart home devices and external smart devices or between various IoT devices while also securing the smart home environment by blocking communications with devices that intentionally seek to do harm.