Establishing Mutually Trusted Channels for Remote Sensing Devices with Trusted Execution Environments. / Shepherd, Carlton; Akram, Raja; Markantonakis, Konstantinos.

12th International Conference on Availability, Reliability and Security (ARES '17). ACM, 2017. p. 1-10.

Research output: Chapter in Book/Report/Conference proceedingConference contribution




Remote and largely unattended sensing devices are being deployed rapidly in sensitive environments, such as healthcare, in the home, and on corporate premises. A major challenge, however, is trusting data from such devices to inform critical decision-making using standardised trust mechanisms. Previous attempts have focused heavily on Trusted Platform Modules (TPMs) as a root of trust, but these forgo desirable features of recent developments, namely Trusted Execution Environments (TEEs), such as Intel SGX and the GlobalPlatform TEE. In this paper, we contrast the application of TEEs in trusted sensing devices with TPMs, and raise the challenge of secure TEE-to-TEE communication between remote devices with mutual trust assurances. To this end, we present a novel secure and trusted channel protocol that performs mutual remote attestation in a single run for small-scale devices with TEEs. This is evaluated on two ARM development boards hosting GlobalPlatform-compliant TEEs, yielding approximately four-times overhead versus untrusted world TLS and SSH. Our work provides strong resilience to integrity and confidentiality attacks from untrusted world adversaries, facilitates TEE interoperability, and is subjected to mechanical formal analysis using Scyther.
Original languageEnglish
Title of host publication12th International Conference on Availability, Reliability and Security (ARES '17)
Number of pages10
StatePublished - 29 Aug 2017
Event12th International Conference on Availability, Reliability and Security - Reggio Calabria, Italy


Conference12th International Conference on Availability, Reliability and Security
Abbreviated titleARES '17
CityReggio Calabria
This open access research output is licenced under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.

ID: 28168234