Srđan Čapkun (ETH Zurich, Switzerland)

Marcel Keller (CSIRO, Australia)

Douglas Stebila (University of Waterloo, Canada)

Gene Tsudik (University of California, US)

Mitigating TOCTOU in Hybrid Remote Attestation (RATA: Remote Attestation with TOCTOU Avoidance)

Much attention has been devoted to verifying software integrity of remote embedded (IoT) devices. Many techniques, with different assumptions and security guarantees, have been proposed under the common umbrella of so-called Remote Attestation (RA). Aside from code integrity verification, RA serves as a foundation for many security services, such as proofs of memory erasure, system reset, software update, and verification of runtime properties.

Prior RA techniques verify the remote device’s binary at the time when RA functionality is invoked, thus providing no information about the device’s binary before the current RA execution or between consecutive RA executions. This implies that the presence of transient malware might not be detected. In other words, if transient malware infects a device (by modifying its binary), performs its nefarious tasks, and erases itself before the next attestation, its temporary presence will not be detected. This important problem, called Time-Of-Check-Time-Of-Use (TOCTOU), is well-known in the research literature and remains unaddressed in the context of hybrid RA.

In this talk, we show the construction of RATA (Remote Attestation with TOCTOU Avoidance), a provably secure approach for addressing the TOCTOU problem. With RATA, even malware that erases itself before execution of the next RA instance cannot hide its ephemeral presence. RATA is geared for hybrid RA architectures, which are aimed at low-end embedded devices. We present two alternative techniques: RATAa and RATAb, suited for devices with and without real-time clocks, respectively. Each is shown to be secure and accompanied by a publicly available and formally verified implementation. Our evaluation demonstrates low hardware overhead of both techniques. RATA also substantially reduces RA execution time from linear to constant.

About the speaker: Gene Tsudik is a Distinguished Professor of Computer Science at the University of California, Irvine (UCI). He obtained his PhD in Computer Science from USC in 1991. Before coming to UCI in 2000, he was at the IBM Zurich Research Laboratory (1991-1996) and USC/ISI (1996-2000). His research interests include many topics in security, privacy and applied cryptography. Gene Tsudik is a Fulbright Scholar, Fulbright Specialist (twice), a fellow of ACM, IEEE, AAAS, and IFIP, as well as a foreign member of Academia Europaea. From 2009 to 2015 he served as Editor-in-Chief of ACM Transactions on Information and Systems Security (TISSEC, renamed TOPS in 2016). Gene was the recipient of the 2017 ACM SIGSAC Outstanding Contribution Award. He is also the author of the first crypto-poem published as a refereed paper.