Mutual authentication‐based RA scheme for embedded systems

Abstract

To improve the security and efficiency of remote attestation (RA) for embedded systems, this study proposes mutual authentication-based RA scheme for embedded systems. Especially, the authors design an RA framework based on authentication agents and measurement agents, which combines the mutually anonymous identity authentication scheme with the platform integrity attestation. During the identity authentication period, based on the traditional direct anonymous authentication scheme, the time-stamping mechanism and the mutual direct anonymous attestation mechanism are proposed to achieve bidirectional anonymous authentication of both parties in the communication. During the platform integrity attestation period, combining with the locality principle, they improve the data structure for storing the integrity measurements of the module and propose an RA mechanism based on locality principle-based hash tree. This mechanism can shorten the length of the certification path and improve the verification efficiency of platform configuration integrity certification. Furthermore, experimental results and analysis show that the efficiency of the proposed scheme is superior to the existing schemes.