Research Article
Intrinsic Code Attestation by Instruction Chaining for Embedded Devices
@INPROCEEDINGS{10.1007/978-3-319-28865-9_6, author={Oliver Stecklina and Peter Langend\o{}rfer and Frank Vater and Thorsten Kranz and Gregor Leander}, title={Intrinsic Code Attestation by Instruction Chaining for Embedded Devices}, proceedings={Security and Privacy in Communication Networks. 11th International Conference, SecureComm 2015, Dallas, TX, USA, October 26-29, 2015, Revised Selected Papers}, proceedings_a={SECURECOMM}, year={2016}, month={2}, keywords={}, doi={10.1007/978-3-319-28865-9_6} }
- Oliver Stecklina
Peter Langendörfer
Frank Vater
Thorsten Kranz
Gregor Leander
Year: 2016
Intrinsic Code Attestation by Instruction Chaining for Embedded Devices
SECURECOMM
Springer
DOI: 10.1007/978-3-319-28865-9_6
Abstract
In this paper we present a novel approach to ensure that no malicious code can be executed on resource constraint devices such as sensor nodes or embedded devices. The core idea is to encrypt the code and to decrypt it after reading it from the memory. Thus, if the code is not encrypted with the correct key it cannot be executed due the incorrect result of the decryption operation. A side effect of this is that the code is protected from being copied. In addition we propose to bind instructions to their predecessors by cryptographic approaches. This helps us to prevent attacks that reorder authorized code such as return-oriented programming attacks. We present a thorough security analysis of our approach as well as simulation results that prove the feasibility of our approach. The performance penalty as well as the area penalty depend mainly on the cipher algorithm used. The former can be as small as a single clock cycle if Prince a latency optimized block cipher is used, while the area overhead is 45 per cent for a commodity micro controller unit (MCU).