This paper presents LIRA-V, a lightweight system for performing remote attestation between constrained devices using the RISC-V architecture. It proposes using the RISC-V Physical Memory Protection (PMP) primitive and read-only memory to build a trust anchor for remote attestation and secure channel creation. Moreover, we go beyond existing work and propose a novel bi-directional attestation protocol for trusted device-to-device communication, which is subjected to formal symbolic verification using Scyther. We present the design, implementation and evaluation of LIRA-V using an off-the-shelf RISC-V microcontroller and present performance results to demonstrate its suitability. To our knowledge, we present the first remote attestation mechanism suitable for constrained RISC-V devices, with applications to the Internet of Things (IoT) and Cyber Physical Systems (CPS).
翻译:本文介绍了使用RISC-V结构对受限制装置进行远程验证的轻量级系统LIRA-V,它建议使用RISC-V物理内存保护(PMP)原始和只读存储器,为远程验证和安全频道创建建立一个信任锚;此外,我们超越了现有工作,提出了关于信任装置-装置-装置通信的新型双向验证协议,该协议需要使用Scyther进行正式的象征性核实;我们介绍了使用现成的RISC-V微控制器对LIRA-V的设计、实施和评价,并介绍了其性能结果,以证明其适合性能。我们了解的是,我们介绍了适用于受限制的RISC-V装置的第一个远程验证机制,并应用了Tims(IoT)和网络物理系统(CPS)的互联网。