PriRoster: Privacy-preserving Radio Context Attestation in Cognitive Radio Network

Abstract

Spectrum shortage is a global concern and cognitive radio network (CRN) is envisioned to be one of the key technologies for overcoming this challenge. However, proper operation of a CRN heavily depends on compliance of cognitive radios (CRs). Although remote attestation of a CR’s radio context is a promising solution, current remote attestation that requires the target’s configuration to be publicly available to the verifier poses a fundamental challenge to the operational security of spectrum users, especially military primary users. To protect a device’s configuration information, we propose PriRoster, a privacy-preserving remote attestation mechanism, that effectively separates the need to know the operational configuration from the capability to execute the verification process correctly at the verifier. PriRoster hides sensitive device and/or radio configuration information from untrusted intermediate verifiers in a public network and enables a range of new applications such as efficient network-wide radio context attestation. Trusted execution environment (TEE) such as Intel SGX is used in our design to provide confidential processing. However, naive application of TEE suffers from not only poor system scalability, but also information side channel leakage. We develop trust transfer protocol to significantly enhance system scalability, and the protection against information side channel attack is accomplished by automatically incorporating obliviousness primitive into the attestation program. We build a prototype of the proposed PriRoster system using Raspberry Pi, USRP, Intel NUC, and AWS cloud. The feasibility of our proposed framework is demonstrated by system benchmarks and the effectiveness of the proposed oblivious appraisal functions are verified by recording memory access pattern via code instrumentation.