Secure erasure and code update in legacy sensors

Ghassan O. Karame, Wenting Li

    Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

    Abstract

    Sensors require frequent over-the-air reprogramming to patch software errors, replace code, change sensor configuration, etc. Given their limited computational capability, one of the few workable techniques to secure code update in legacy sensors would be to execute Proofs of Secure Erasure (PoSE) which ensure that the sensor’s memory is purged before sending the updated code. By doing so, the updated code can be loaded onto the sensor with the assurance that no other malicious code is being stored. Although current PoSE proposals rely on relatively simple cryptographic constructs, they still result in considerable energy and time overhead in existing legacy sensors. In this paper, we propose a secure code update protocol which considerably reduces the overhead of existing proposals. Our proposal naturally combines PoSE with All or Nothing Transforms (AONT); we analyze the security of our scheme and evaluate its performance by means of implementation on MicaZ motes. Our prototype implementation only consumes 371 bytes of RAM in TinyOS2, and improves the time and energy overhead of existing proposals based on PoSE by almost 75 %.

    Original languageEnglish
    Title of host publicationTrust and Trustworthy Computing - 8th International Conference, TRUST 2015, Proceedings
    PublisherSpringer Verlag
    Pages283-299
    Number of pages17
    Volume9229
    ISBN (Print)9783319228457
    DOIs
    Publication statusPublished - 2015
    Event8th International Conference on Trust and Trustworthy Computing, TRUST 2015 - Heraklion, Greece
    Duration: 24 Aug 201526 Aug 2015

    Publication series

    NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
    Volume9229
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349

    Other

    Other8th International Conference on Trust and Trustworthy Computing, TRUST 2015
    Country/TerritoryGreece
    CityHeraklion
    Period24/08/1526/08/15

    Keywords

    • All or nothing transformations
    • Proofs of secure erasure
    • Secure code update

    Fingerprint

    Dive into the research topics of 'Secure erasure and code update in legacy sensors'. Together they form a unique fingerprint.

    Cite this