slimIoT: Scalable Lightweight Attestation Protocol For the Internet of Things

TL;DR

slimIoT is a scalable, lightweight protocol for remote attestation in IoT networks, enabling efficient and secure verification of device states across large, heterogeneous device populations.

Contribution

The paper introduces slimIoT, a novel scalable attestation protocol that combines broadcast authentication and symmetric cryptography for secure IoT device verification.

Findings

Low memory and runtime overhead

Scalable to thousands of devices

Robust against physical attacks

Abstract

The Internet of Things (IoT) is increasingly intertwined with critical industrial processes, yet contemporary IoT devices offer limited security features, creating a large new attack surface. Remote attestation is a well-known technique to detect cyber threats by remotely verifying the internal state of a networked embedded device through a trusted entity. Multi-device attestation has received little attention although current single-device approaches show limited scalability in IoT applications. Though recent work has yielded some proposals for scalable attestation, several aspects remain unexplored, and thus more research is required. This paper presents slimIoT, a scalable lightweight attestation protocol that is suitable for all IoT devices. slimIoT depends on an efficient broadcast authentication scheme along with symmetric key cryptography. It is resilient against a strong adversary with physical access to the IoT device. Our protocol is informative in the sense that it identifies the precise status of every device in the network. We implement and evaluate slimIoT considering many factors. On the one hand, our evaluation results show a low overhead in terms of memory footprint and runtime. On the other hand, simulations demonstrate that slimIoT is scalable, robust and highly efficient to be used in static and dynamic networks consisting of thousands of heterogenous IoT devices.