Open AccessMutual authentication‐based RA scheme for embedded systems
Author(s) -
Wang Ziwang,
Zhuang Yi,
Xia Qingxun
Publication year - 2020
Publication title -
iet information security
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.308
H-Index - 34
eISSN - 1751-8717
pISSN - 1751-8709
DOI - 10.1049/iet-ifs.2019.0027
Subject(s) - computer science , authentication (law) , mutual authentication , scheme (mathematics) , merkle tree , data integrity , hash function , authentication protocol , trusted computing , certification , cryptography , computer security , computer network , hash chain , mathematics , mathematical analysis , political science , law
To improve the security and efficiency of remote attestation (RA) for embedded systems, this study proposes mutual authentication‐based RA scheme for embedded systems. Especially, the authors design an RA framework based on authentication agents and measurement agents, which combines the mutually anonymous identity authentication scheme with the platform integrity attestation. During the identity authentication period, based on the traditional direct anonymous authentication scheme, the time‐stamping mechanism and the mutual direct anonymous attestation mechanism are proposed to achieve bidirectional anonymous authentication of both parties in the communication. During the platform integrity attestation period, combining with the locality principle, they improve the data structure for storing the integrity measurements of the module and propose an RA mechanism based on locality principle‐based hash tree. This mechanism can shorten the length of the certification path and improve the verification efficiency of platform configuration integrity certification. Furthermore, experimental results and analysis show that the efficiency of the proposed scheme is superior to the existing schemes.