garrettmills/eecs700-final
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
3d667b8d79
eecs700-final/index.html

205 lines
10 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!doctype html>
<html lang="en">
<head>
<title>Review of Petzi et al. 2022</title>
<link rel="stylesheet" href="node_modules/reveal.js/dist/reveal.css">
<link rel="stylesheet" href="node_modules/reveal.js/dist/theme/night.css">
<link rel="stylesheet" href="node_modules/reveal.js/plugin/highlight/zenburn.css">
<link rel="stylesheet" href="node_modules/reveal.js-drawer/dist/drawer.css">
<link rel="stylesheet" href="lib/attribution/plugin.css">
</head>
<body>
<div class="reveal">
<div class="slides">
<section style="text-align: left">
<b>SCRAPS</b>:<br><b>S</b>calable <b>C</b>ollective <b>R</b>emote <b>A</b>ttestation for <b>P</b>ub-<b>S</b>ub IoT Networks with Untrusted Proxy Verifier
<br><br>
<small><i>Petzi et al.</i> 2022 (31st USENIX Security Symposium, pp. 3484-3501)</small>
<br><small>Summary: Garrett Mills &lt;glm@ku.edu&gt;<br>
<i style="color: #888">https://garrettmills.dev/go/scraps</i></small>
</section>
<section>
<b>Attestation</b> <i>(noun)</i> - the activity of making a claim to an appraiser about the properties of a target by supplying evidence which
supports that claim. <small><i>[1]</i></small>
</section>
<section>
<b>Smart Contracts</b> <i>(noun)</i> - scripts stored on the blockchain. The contracts have their own state, and are triggered by messages/transactions
sent to their respective addresses. <small><i>[2]</i></small>
</section>
<section>
<b>Challenges adapting RA to IoT:</b><br><br>
<ol>
<li>IoT relies on asynchronous channels</li>
<li>IoT devices may go offline to save power</li>
<li>IoT networks use untrusted brokers</li>
</ol>
</section>
<section>
<b>SCRAPS</b><br><br>
<ul>
<li>Manufacturer's SC (config)</li>
<li>ProxyVerifier SC (appraiser)</li>
<li>Prover (target)</li>
<li>Verifier (requester)</li>
</ul>
</section>
<section data-transition="none" style="text-align: left">
<ol style="font-size: 0.75em;">
<li><b>Prover registers with Broker</b></li>
<li>Prover computes measurement using chain hash</li>
<li>ProxyVerifier appraises evidence using config & freshness</li>
<li>Verifier requests appraisal from ProxyVerifier</li>
</ol>
</section>
<section data-transition="none" style="text-align: left">
<ol style="font-size: 0.75em;">
<li>Prover registers with Broker</li>
<li><b>Prover computes measurement using chain hash</b></li>
<li>ProxyVerifier appraises evidence using config & freshness</li>
<li>Verifier requests appraisal from ProxyVerifier</li>
</ol>
</section>
<section data-transition="none" style="text-align: left">
<ol style="font-size: 0.75em;">
<li>Prover registers with Broker</li>
<li>Prover computes measurement using chain hash</li>
<li><b>ProxyVerifier appraises evidence using config & freshness</b></li>
<li>Verifier requests appraisal from ProxyVerifier</li>
</ol>
</section>
<section data-transition="none" style="text-align: left">
<ol style="font-size: 0.75em;">
<li>Prover registers with Broker</li>
<li>Prover computes measurement using chain hash</li>
<li>ProxyVerifier appraises evidence using config & freshness</li>
<li><b>Verifier requests appraisal from ProxyVerifier</b></li>
</ol>
</section>
<section>
<img src="img/fig-6.png" alt="Figure 6" style="filter: invert(100%);">
</section>
<section>
<img src="img/fig-8.png" alt="Figure 8" style="filter: invert(100%);">
</section>
<section data-background-image="img/live-laugh-learn.jpg">
<div style="background: rgba(0, 0, 0, 0.4)">
<h3>Smart Contracts</h3>
</div>
</section>
<section>
<b>Stength:</b> Problem/architecture formulation
</section>
<section>
<b>Strength:</b> Performance
</section>
<section>
<b>Strength:</b> Appraiser is as secure as the chain
</section>
<section style="font-size: 0.9em">
<b>Strength:</b> Use of blockchain eliminates some attacks
</section>
<section style="font-size: 0.9em">
<b>Weakness:</b> Interaction between freshness and sleep
</section>
<section style="font-size: 0.9em">
<b>Weakness:</b> Limited appraisal & trust flexibility
</section>
<section style="font-size: 0.9em">
<b>Weakness:</b> Determination of&nbsp;&nbsp;$T_{min}$ and&nbsp;&nbsp;$T_{exp}$
</section>
<section style="font-size: 0.9em">
<b>Weakness:</b> Depends on manufacturer's pub-key to verify
</section>
<section style="font-size: 0.9em">
<b>Weakness:</b> Evidence & appraisal privacy
</section>
<section style="font-size: 0.9em">
<b>Future work:</b> Formal verification of ProxyVerifier
</section>
<section style="font-size: 0.9em">
<b>Future work:</b> SC-based flexible mechanisms
</section>
<section style="font-size: 0.9em">
<b>Future work:</b> SC-based flexible mechanisms <i>(reprise)</i>
</section>
<section>
<b>References</b>
<br>
<br>
<div style="text-align: left; font-size: 0.5em;">
<p>[0] Petzi, Lukas, Ala Eddine Ben Yahya, Alexandra Dmitrienko, Gene Tsudik, Thomas Prantl, and Samuel Kounev. “SCRAPS: Scalable Collective Remote Attestation for Pub-Sub IoT Networks with Untrusted Proxy Verifier,” 2022, 18.</p>
<p>[1] Coker, George, Joshua Guttman, Peter Loscocco, Amy Herzog, Jonathan Millen, Brian OHanlon, John Ramsdell, Ariel Segall, Justin Sheehy, and Brian Sniffen. “Principles of Remote Attestation.” International Journal of Information Security 10, no. 2 (June 2011): 6381. https://doi.org/10.1007/s10207-011-0124-7.</p>
<p>[2] Christidis, Konstantinos, and Michael Devetsikiotis. “Blockchains and Smart Contracts for the Internet of Things.” IEEE Access 4 (2016): 22922303. https://doi.org/10.1109/ACCESS.2016.2566339.</p>
<p>[3] Helble, Sarah C., Ian D. Kretz, Peter A. Loscocco, John D. Ramsdell, Paul D. Rowe, and Perry Alexander. “Flexible Mechanisms for Remote Attestation.” ACM Transactions on Privacy and Security 24, no. 4 (September 30, 2021): 29:1-29:23. https://doi.org/10.1145/3470535.</p>
</div>
</section>
<!--<section>Hello, World!</section>
<section>
Slide 2!
<span class="attribution">
Template courtesy of <a target="_blank" href="https://code.garrettmills.dev/garrettmills/slides">my template</a>.
</span>
</section>
<section data-markdown>
<textarea data-template>
## Slide 3
This is a markdown slide!
- note1
- note2
- note3
```js
const a = `Hello, ${name}!`
```
-&#45;&#45;
## Slide 4
This contains some katex.
`$$\cfrac{(v, c) \Downarrow v'}{(v, c) \rightarrow v'}$$`
</textarea>
</section>-->
</div>
</div>
<script src="node_modules/reveal.js/dist/reveal.js"></script>
<script src="node_modules/reveal.js/plugin/markdown/markdown.js"></script>
<script src="node_modules/reveal.js/plugin/highlight/highlight.js"></script>
<script src="node_modules/reveal.js/plugin/math/math.js"></script>
<script src="node_modules/reveal.js/plugin/notes/notes.js"></script>
<script src="node_modules/reveal.js/plugin/search/search.js"></script>
<script src="node_modules/reveal.js-drawer/dist/drawer.js"></script>
<script src="lib/attribution/plugin.js"></script>
<script>
Reveal.initialize({
plugins: [
RevealMarkdown,
RevealHighlight,
RevealMath.KaTeX,
RevealNotes,
RevealSearch,
RevealDrawer,
RevealAttribution,
],
progress: false,
hash: true,
hideCursorTime: 2000,
});
</script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink