Foreign-language journal: Security and Communications Networks

A remote attestation protocol with Trusted Platform Modules (TPMs) in wireless sensor networks


Abstract

Given the limited resources and computational power of current embedded sensor devices, memory protection is difficult to achieve and generally unavailable. Hence, the software run-time buffer overflow that is used by the worm attacks in the Internet could be easily exploited to inject malicious codes into wireless sensor networks (WSNs). As a result, the remote attestation on the application codes installed in WSNs is the first important step to detect any unauthorized changes through the buffer overflow attack. Previous software-based remote code verification approaches such as SoftWare-based ATTestation and Secure Code Update By Attestation have been shown to be difficult to deploy in recent work. In this paper, we propose and implement a remote attestation protocol for detecting unauthorized tampering in the application codes running on sensor nodes with the assistance of Trusted Platform Modules (TPMs), a tiny, cost-effective and tamper-proof cryptographic micro-controller. In our design, each sensor node is equipped with a TPM, and the firmware running on the node could be verified by the other sensor nodes in a WSN, including the sink. Specifically, we present a hardware-based remote attestation protocol, discuss the potential attacks an adversary could launch against the protocol and provide comprehensive system performance results of the protocol in a multi-hop sensor network testbed. The experimental results demonstrated that our scheme is able to attest the application codes running on a sensor node with small delay (less than 25 s for single-hop), considerable network lifetime and reasonable communication and energy overhead. Copyright (c) 2015 John Wiley & Sons, Ltd.
