BARRETT BlockchAin Regulated REmote aTTestation

Today, an increasing number of Internet of Things (IoT) healthcare devices, crucial to a person's wellbeing and life, connects to the internet and consequently is exposed to a variety of threats. These devices possess low computational resources, and as a result they cannot use security tools such as antivirus or firewalls. Consequently, they become easy targets for cyberattacks and malware infection, thus putting a person's life at risk. One way to protect these devices from malware infection is Remote Attestation (RA), a process by which a device with low computational power (prover) verifies its internal state to a party with higher computational resources (verifier) upon the latter's request. However, in case the verifier is malicious, it may constantly send numerous requests for RA to a prover to prevent it from performing the functions it was designed for. Thus, keeping it busy and rendering it unusable to its legit users as well as services. In short, the verifier performs a Computational Denial of Service (CDoS) attack against the prover. This paper proposes the BARRETT architecture which uses a Public Ethereum Network (PEN) in conjunction with an RA protocol to protect the prover from CDoS attacks. In particular, the PEN in BARRETT deters CDoS by forcing the verifier to pay a fee in Ether cryptocurrency every time they wish to send an Attestation Request (AR) to a prover. The verifier pays the fee since in BARRETT it can send the AR only via Ethereum transactions. Consequently, any attempt to perform a CDoS becomes prohibitively expensive.