PACCOR4ESP: Embedded Device Security Attestation using Platform Attribute Certificates

TL;DR

This paper extends the PACCOR framework to the ESP32 microcontroller, enabling secure extraction and storage of device characteristics using Platform Attribute Certificates for improved embedded device attestation.

Contribution

It introduces PACCOR4ESP, a novel extension for embedded device attestation that utilizes Platform Attribute Certificates on ESP32 devices, addressing standardization and comprehensive hardware/software coverage.

Findings

Detects security-relevant information like firmware and bootloader hashes

Automatically embeds device characteristics into Platform Attribute Certificates

Integrates with existing attestation frameworks such as RAS, CRAFT, and SEDA

Abstract

Verifying the integrity of embedded device characteristics is required to ensure secure operation of a device. One central challenge is to securely extract and store device-specific configurations for future verification. Existing device attestation schemes suffer from notable limitations, including a lack of standardization and a failure to encompass all hardware and software aspects inherent to a platform. This paper proposes an extension of the NSA Cybersecurity Directorate's Platform Attribute Certificate Creator (PACCOR) for the ESP32, a widely-used microcontroller series. Platform Attribute Certificates store device characteristics as per the Trusted Computing Group's Platform Certificate Profile. As of today, there is little research on hybrid attestation schemes utilizing Platform Attribute Certificates on embedded devices, which this work addresses. This paper presents a collection of attacks that can be detected using PACCOR4ESP. The toolkit extracts security-relevant information from an ESP32-S3, such as the firmware hash, bootloader hash, GPIO pin configuration, and a reference to the endorsement key of the secure element, and automatically embeds it into a Platform Attribute Certificate. Lastly, this work shows how PACCOR4ESP can be integrated with existing embedded device attestation frameworks, such as RAS, CRAFT, and SEDA.