Defining trust in IoT environments via distributed remote attestation using blockchain

The constantly growing number of Internet of Things (IoT) devices and their resource-constrained nature makes them particularly vulnerable and increasingly attractive for exploitation by cyber criminals. Current estimates commonly reach the tens of billions for the number of connected 'things'. The heterogeneous capabilities of these devices serve as a motivation for resource sharing among them. However, for effective resource sharing, it is essential that trust be retained in the multitude of pervasive and diverse IoT devices. Remote attestation is a well-known technique used to build such trust. Thus, this paper proposes a blockchain based remote attestation protocol to establish trust between IoT devices. The blockchain offers a secure framework for device registration while the attestation is based on Physical Unclonable Functions (PUF). This combination of technologies results in a tamper resistant scheme with protection against physical and proxy attacks.