DyFORA: Dynamic Firmware Obfuscation and Remote Attestation using Hardware Signatures

DyFORA: Dynamic Firmware Obfuscation and Remote Attestation using Hardware Signatures

연구 분야: Analysis

학회: GLSVLSI '24: Proceedings of the Great Lakes Symposium on VLSI 2024

In an era dominated by embedded devices, securing firmware is critical. These devices, often in limited-resource settings, are targets for attacks like piracy, tampering, and reverse engineering. Traditional defenses rely on heavy encryption and obfuscation, leading to performance issues and failing to prevent data leaks. Traditional methods also need runtime cryptographic key storage, increasing vulnerability. This paper introduces the DyFORA framework to protect firmware in real time without storing keys. It uses unique hardware-firmware bindings to prevent unauthorized firmware use. Additionally, we present a novel dynamic runtime attestation method to verify firmware integrity continuously. Our results show this approach significantly boosts security against conventional attacks with minimal overhead in performance (4.62%), area (0.35%), and power (1.4%), requiring 2.6x1075 trials for plaintext firmware decryption.