When to Attest? Intra- and Post-Handshake Attestation for IoT Swarms
Sep 15, 2025
Yuxuan Song 宋俞萱
Muhammad Usama Sardar
Geovane Fedrecheski
Malisa Vucinic
Thomas Watteyne

Abstract
Remote attestation is a security mechanism that allows a device to prove its integrity and trustworthiness by generating fresh verifiable evidence to be assessed by a verifier. It is gaining increasing attention in the context of IoT security for both IoT devices and services. Within the ongoing standardization efforts at the IETF, two distinct approaches have emerged and are actively discussed by different working groups and protocol designers: (1) intra-handshake attestation, where attestation is performed during the handshake process; (2) post-handshake attestation, where it occurs after the handshake is complete. This position paper analyzes the respective security properties and discusses their applicability across different IoT deployment scenarios. We highlight the key trade-off: intra-handshake attestation enables early trust establishment prior to session setup, making it suitable for onboarding scenarios, while post-handshake attestation provides continuous assurance and supports runtime integrity validation.
Type
Publication
In IEEE Conference on Standards for Communications and Networking (CSCN)