This paper presents LIRA-V, a lightweight system for performing remote attestation between constrained devices using the RISC-V architecture. We propose using read-only memory and the RISC-V Physical Memory Protection (PMP) primitive to build a trust anchor for remote attestation and secure channel creation. Moreover, we propose a bi-directional attestation protocol for trusted device-to-device communication, which is subjected to formal symbolic verification using Scyther. We present the design, implementation and evaluation of LIRA-V using an off-the-shelf {RISC-V} microcontroller and present performance results to demonstrate its suitability. To our knowledge, we present the first remote attestation mechanism suitable for constrained RISC-V devices, with applications to the Internet of Things (IoT) and Cyber Physical Systems (CPS).
翻译:本文介绍使用RISC-V结构对受限制装置进行远程验证的轻量级系统LIRA-V,我们提议使用只读存储和RISC-V物理内存保护(PMP)原始系统,为远程验证和安全频道创建建立一个信任锚;此外,我们提议使用Scyther对可信任装置与装置之间的通信进行双向验证协议,该协议须经过正式的象征性核查;我们介绍使用现成的 {RISC-V}微控制器对LIRA-V进行设计、实施和评价,并展示其性能结果,以证明其适合性能;我们根据我们的知识,我们介绍适用于受限制的RISC-V装置的第一个远程验证机制,并应用物联网(IoT)和网络物理系统(CPS)。