PADS: Practical Attestation for Highly Dynamic Swarm Topologies

TL;DR

PADS is a practical, efficient protocol for remote attestation in large, dynamic IoT networks, reducing complexity and assumptions to enable scalable device security verification.

Contribution

This paper introduces PADS, a novel collective attestation protocol that handles unstructured and dynamic topologies efficiently, improving over existing solutions.

Findings

PADS outperforms state-of-the-art protocols in simulations.

It is suitable for low-end devices and highly unstructured networks.

PADS reduces management complexity and assumptions.

Abstract

Remote attestation protocols are widely used to detect device configuration (e.g., software and/or data) compromise in Internet of Things (IoT) scenarios. Unfortunately, the performances of such protocols are unsatisfactory when dealing with thousands of smart devices. Recently, researchers are focusing on addressing this limitation. The approach is to run attestation in a collective way, with the goal of reducing computation and communication. Despite these advances, current solutions for attestation are still unsatisfactory because of their complex management and strict assumptions concerning the topology (e.g., being time invariant or maintaining a fixed topology). In this paper, we propose PADS, a secure, efficient, and practical protocol for attesting potentially large networks of smart devices with unstructured or dynamic topologies. PADS builds upon the recent concept of non-interactive attestation, by reducing the collective attestation problem into a minimum consensus one. We compare PADS with a state-of-the art collective attestation protocol and validate it by using realistic simulations that show practicality and efficiency. The results confirm the suitability of PADS for low-end devices, and highly unstructured networks.