Yuxuan Song (INRIA)
Title:
Lightweight remote attestation over EDHOC for constrained IoT devices
Biography:
Yuxuan SONG is a Ph.D. student in the group AIO [aio.inria.fr] of Inria Paris and Sorbonne university. She is working on cybersecurity in low-power wireless communications. Her current research topic is about how to perform remote attestation to ensure the trustworthiness of the devices over a lightweight key exchange protocol.
Abstract:
In this talk, we propose a new idea to explore the possibility of applying remote attestation on ecosystems such as RIOT OS. The talk is based on an Internet-Draft published at the IETF LAKE working group, which is named “Remote attestation over EDHOC [datatracker.ietf.org]”.
We developed an efficient method of performing remote attestation in parallel with network access authentication, utilizing a newly standardized key exchange protocol named Ephemeral Diffie-Hellman Over COSE (EDHOC). EDHOC is very compact and lightweight, making it suitable for constrained environments. Remote attestation is a security service that remotely verifies and confirms the integrity and trustworthiness of devices. One use case, and the focus of our current implementation on a micro-robot, is the onboarding check process, where a constrained IoT device must prove its trustworthiness to establish a level of trust on a remote server and gain network access.
I will present the detailed procedures of how attestation items are carried as external authentication data over the EDHOC protocol to achieve attestation in parallel with network authentication. Additionally, an open discussion on the applicability of this approach for RIOT OS will be included.