
EP-4738164-A1 - REMOTE ATTESTATION


Abstract

A remote attestation system 200 is provided comprising a relying party 202, a component 213; and a plurality of verifiers 204, 206, 208 arranged to verify a target by receiving evidence from an attester of the target and producing a verification result for the target based on said evidence. The relying party is arranged to cause each of the verifiers to verify the component to produce a plurality of verification results for the component; cause one or more of the verifiers to verify one or more other verifiers so as to produce one or more verification results for each verifier; and determine an attestation result for the component based on the verification results for the component and the verifiers.

Inventors

  • LEONARDON, Laurent
  • MARTINTONI, Davide
  • SENNI, Valerio
  • M GRAEFE, Jonathan

Assignees

  • ARINC Incorporated

Dates

Publication Date
20260506
Application Date
20241105

Claims (15)

  1. A remote attestation system comprising: a relying party; a component; and a plurality of verifiers arranged to verify a target by receiving evidence from an attester of the target and producing a verification result for the target based on said evidence; wherein the relying party is arranged to: cause each of the verifiers to verify the component to produce a plurality of verification results for the component; cause one or more of the verifiers to verify one or more other verifiers so as to produce one or more verification results for each verifier; and determine an attestation result for the component based on the verification results for the component and the verifiers.
  2. The remote attestation system of claim 1, comprising at least three verifiers.
  3. The remote attestation system of claim 1 or 2, wherein the relying party is arranged to cause one or more of the verifiers to verify one or more other verifiers so as to produce multiple verification results for each verifier.
  4. The remote attestation system of any preceding claim, comprising a plurality of components, wherein the relying party is arranged to: cause a set of the verifiers to verify each component to produce a plurality of verification results for the component; cause one or more of the set of verifiers to verify one or more other verifier in the set so as to produce one or more verification results for each verifier in the set; and determine an attestation result for each component based on the verification results for the component and the set of verifiers.
  5. The remote attestation system of claim 4, wherein the set of verifiers for one or more components consists of at least two verifiers but less than a total number of verifiers in the system.
  6. The remote attestation system of any preceding claim, wherein the evidence received by the verifiers is based on or includes one or more of: a current content of a memory of the target; or a current resource usage of the target; a current state of a processor and/or register of the target; a current execution state of a service on the target; a state of configuration parameters of the target.
  7. The remote attestation system of any preceding claim, wherein one or more verifiers is arranged to determine a verification result for a target by comparing the evidence to one or more expectations.
  8. The remote attestation system of any preceding claim, wherein one or more of the verification results comprises a measure of confidence that can take more than two values.
  9. The remote attestation system of any preceding claim, wherein the relying party is comprised by a first computing device and the verifiers are comprised by one or more separate computing devices.
  10. The remote attestation system of any preceding claim, wherein the relying party is arranged to communicate with at least two of the verifiers over different communication channels.
  11. The remote attestation system of any preceding claim, wherein each verifier is comprised by a separate computing device.
  12. The remote attestation system of claim 11, wherein the verifiers are located physically remotely from each other.
  13. The remote attestation system of any preceding claim, wherein the relying party is a vehicle-based device.
  14. The remote attestation system of any preceding claim, wherein the relying party is a device for use on an aircraft.
  15. A method of remote attestation comprising: each of a plurality of verifiers verifying a component by receiving evidence from an attester of the component and producing a verification result for the component based on said evidence, to produce a plurality of verification results for the component; one or more of the plurality of verifiers verifying one or more of the other verifiers by receiving evidence from attesters of the other verifiers and producing a verification result for the other verifiers based on said evidence, so as to produce one or more verification results for each verifier; and determining an attestation result for the component based on the verification results for the component and the verifiers.
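The following Python simulation is an added illustration of the architecture set out in claims 1, 7, 8 and 15; it is not code from the patent or from ARINC. A relying party asks three verifiers to verify a component, has each verifier verify the other two, and combines both sets of results. All evidence values, reference measurements, the endorsement-weighted scoring rule and the acceptance threshold are assumptions made for this example.

```python
"""Added simulation of multi-verifier remote attestation with mutual endorsement.
Evidence values, reference measurements, the scoring rule and the acceptance
threshold are constructed for this example, not taken from the patent."""
import hashlib
from dataclasses import dataclass


def measure(blob: bytes) -> str:
    """Measurement of one piece of state, as an attester would report it."""
    return hashlib.sha256(blob).hexdigest()


def refs(state: dict[str, bytes]) -> dict[str, str]:
    """Reference (expected) measurements derived from a known-good state."""
    return {name: measure(blob) for name, blob in state.items()}


@dataclass
class Attester:
    """Collects evidence (measurement name -> value) about the host it runs on."""
    state: dict[str, bytes]

    def evidence(self) -> dict[str, str]:
        return refs(self.state)


@dataclass
class Verifier:
    """Compares evidence with expectations (claim 7) and returns a graded
    confidence in [0, 1] rather than a bare accept/reject (claim 8)."""
    name: str
    component_refs: dict[str, str]  # expected measurements of the component
    verifier_refs: dict[str, str]   # expected measurements of a healthy verifier
    attester: Attester              # a verifier is itself a target for its peers

    @staticmethod
    def _score(evidence: dict[str, str], expected: dict[str, str]) -> float:
        # A missing measurement counts as a mismatch, so omitting evidence
        # cannot raise a target's score.
        matched = sum(1 for k, v in expected.items() if evidence.get(k) == v)
        return matched / len(expected)

    def verify_component(self, evidence: dict[str, str]) -> float:
        return self._score(evidence, self.component_refs)

    def verify_peer(self, evidence: dict[str, str]) -> float:
        return self._score(evidence, self.verifier_refs)


@dataclass
class AttestationResult:
    accepted: bool
    score: float                         # endorsement-weighted score
    unweighted_score: float              # plain mean of the verifiers' results
    component_results: dict[str, float]  # per-verifier result for the component
    verifier_trust: dict[str, float]     # per-verifier mean endorsement by peers


class RelyingParty:
    """Combines the verifiers' results for the component with their results for
    each other. The weighting rule (endorsement-weighted mean against a
    threshold) is an assumption of this example, not the patent's."""

    def __init__(self, verifiers: list[Verifier], threshold: float = 0.6):
        if len(verifiers) < 2:
            raise ValueError("mutual verification needs at least two verifiers")
        self.verifiers = verifiers
        self.threshold = threshold

    def attest(self, component: Attester) -> AttestationResult:
        evidence = component.evidence()
        # Step 1: every verifier verifies the component.
        component_results = {v.name: v.verify_component(evidence) for v in self.verifiers}
        # Step 2: every verifier verifies every other verifier; a verifier's
        # trust weight is the mean confidence its peers assign to it.
        trust: dict[str, float] = {}
        for target in self.verifiers:
            target_evidence = target.attester.evidence()
            peer_scores = [p.verify_peer(target_evidence)
                           for p in self.verifiers if p is not target]
            trust[target.name] = sum(peer_scores) / len(peer_scores)
        # Step 3: weight each component result by its verifier's trust, so a
        # verifier its peers do not endorse cannot carry the decision.
        total_weight = sum(trust.values())
        score = (sum(component_results[n] * trust[n] for n in trust) / total_weight
                 if total_weight else 0.0)
        unweighted = sum(component_results.values()) / len(component_results)
        return AttestationResult(score >= self.threshold, score, unweighted,
                                 component_results, trust)


# Constructed sample states (not real measurements).
GOOD_COMPONENT = {"firmware": b"fw-1.2", "config": b"cfg-prod"}
TAMPERED_COMPONENT = {"firmware": b"fw-1.2-backdoored", "config": b"cfg-prod"}
HEALTHY_VERIFIER = {"verifier_image": b"vimg-3.0", "policy_db": b"policy-2024"}
COMPROMISED_VERIFIER = {"verifier_image": b"vimg-3.0-altered", "policy_db": b"policy-edited"}


def build_system() -> RelyingParty:
    """Three verifiers (claim 2). Verifier C is compromised: its own state no
    longer matches the healthy reference, and its component expectations were
    altered so that it accepts the tampered component."""
    a = Verifier("A", refs(GOOD_COMPONENT), refs(HEALTHY_VERIFIER), Attester(HEALTHY_VERIFIER))
    b = Verifier("B", refs(GOOD_COMPONENT), refs(HEALTHY_VERIFIER), Attester(HEALTHY_VERIFIER))
    c = Verifier("C", refs(TAMPERED_COMPONENT), refs(HEALTHY_VERIFIER), Attester(COMPROMISED_VERIFIER))
    return RelyingParty([a, b, c])


def demo() -> tuple[AttestationResult, AttestationResult]:
    rp = build_system()
    return rp.attest(Attester(GOOD_COMPONENT)), rp.attest(Attester(TAMPERED_COMPONENT))


if __name__ == "__main__":
    for label, result in zip(("good component", "tampered component"), demo()):
        print(label, result)
```

With these constructed inputs the tampered component would pass a plain majority-style mean (two honest verifiers at 0.5, the compromised one at 1.0), but fails once each verifier's result is weighted by the endorsement it receives from its peers, because verifier C's altered state earns it a trust weight of zero. The `verifier_trust` map is also useful as a detection signal: a verifier whose endorsement by its peers drops is a candidate for investigation before it is allowed to influence further decisions.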

Description

Technical Field

The present disclosure relates to methods and systems for remote attestation.

Background

Remote attestation involves a party (the "relying party") relying on a verifier to determine if a target is in a desired state. For instance, an aircraft avionics system wishing to communicate with a newly encountered and/or untrusted ground server may consult a trusted verification server to determine if the ground server is operating as expected and can be trusted.

Figure 1 shows a conventional remote attestation system 100. The system 100 comprises a relying party 102, a verifier 104 and a component 106. The system 100 may comprise multiple components that can be evaluated by the same verifier 104 (e.g. multiple different ground servers). The component 106 comprises an attester 108. To verify the component 106, the verifier 104 requests evidence of the state of the component 106 from the attester 108. The attester 108 obtains evidence from other parts of the component 106, and then compiles and forwards this to the verifier 104. Evidence is illustrated in Figure 1 by a dashed line. The verifier 104 considers the evidence and determines an attestation result (e.g. confirmation that the component 106 is in the desired state) and reports this to the relying party 102. The result is illustrated in Figure 1 by a dot-dashed line. Depending on the attestation result, the relying party 102 may choose to utilise (i.e. trust) the component 106.

In this remote attestation architecture, the verifier 104 acts as the root of trust in the system. Offloading the verification process to the remote verifier avoids the need for the relying party itself to perform verification processes (e.g. saving energy and/or facilitating updates to verification processes) whilst still providing an accurate assessment of the component 106. Using a remote verifier can also facilitate the collection of evidence and secure storage of expected results for use in future verifications.
However, the system depends on the relying party 102 and the verifier 104 communicating over a reliable and trusted communication channel (or being able to authenticate their identities and establish trust), and on the attester 108 being inherently trusted. This is not always the case (e.g., when the verifier is subject to an attack), and so this architecture cannot always provide dependable remote attestation. Moreover, in this conventional approach the verifier device 104 represents a single point of failure in the system 100, which can hinder reliability. An improved approach may be desired.

Summary

According to a first aspect of the present disclosure there is provided a remote attestation system comprising: a relying party; a component; and a plurality of verifiers arranged to verify a target by receiving evidence from an attester of the target and producing a verification result for the target based on said evidence; wherein the relying party is arranged to: cause each of the verifiers to verify the component to produce a plurality of verification results for the component; cause one or more of the verifiers to verify one or more other verifiers so as to produce one or more verification results for each verifier; and determine an attestation result for the component based on the verification results for the component and the verifiers.

According to a second aspect of the present disclosure there is provided a method of remote attestation comprising: each of a plurality of verifiers verifying a component by receiving evidence from an attester of the component and producing a verification result for the component based on said evidence, to produce a plurality of verification results for the component; one or more of the plurality of verifiers verifying one or more of the other verifiers by receiving evidence from attesters of the other verifiers and producing a verification result for the other verifiers based on said evidence, so as to produce one or more verification results for each verifier; and determining an attestation result for the component based on the verification results for the component and the verifiers.

Thus, it will be recognised by those skilled in the art that because the relying party determines the attestation result based on verification feedback from multiple separate verifiers, the system does not rely on a single remote root of trust. This can improve the reliability and accuracy of the system. Using the verifiers to also verify each other (i.e. to seek mutual endorsement) can improve the level of trust in the ultimate attestation result, e.g. mitigating the risk of one compromised verifier compromising the whole system. At least one verification result is produced for each verifier. This may be a single verification result (i.e. from one other verifier), or multiple verification results may be produced for each verifier (i.e. from multiple other verifiers). In some examples, each verifier is caused to verify each other verifier (i.e. so a verification r