ITERATOR: Interruptible Remote attestation through Cuckoo filters
Journal article, 2025
Remote attestation (RA) is emerging as a promising security mechanism that establishes trust in IoT devices by detecting the presence of malware. Typically, RA consists of computing a hash over the device’s memory and is executed as an atomic procedure to guarantee the reliability of the attestation evidence. However, in real-world situations, such as those involving real-time systems, energy-harvesting devices, or mission-critical operations, the IoT device may not be able to complete the attestation procedure because of factors like task scheduling, limited battery life, or higher-priority tasks. In such scenarios, where flexibility, adaptability, and security are paramount, making RA interruptible is crucial. This paper presents a novel approach called ITERATOR, which leverages hash-based storage to enable interruptible RA without any additional hardware requirements. Our proposal transforms the device attestation procedure from the traditional computation of a hash over memory into a lookup operation in a hash-based storage structure, namely a Cuckoo filter. The ITERATOR protocol divides the device’s memory into blocks, each associated with a Cuckoo filter bucket. This allows the device to perform RA in multiple rounds, ensuring secure interruptible attestation. We perform software simulations of ITERATOR, demonstrating its high effectiveness in detecting the presence of malware. Because of its interruptible design, ITERATOR cannot guarantee 100% detection in a single attestation round; however, repeated rounds make long-term evasion by malware highly unlikely. In particular, the experiments showed that the probability of evading detection ranges from 37% down to less than 1%, depending on the protocol configuration. Moreover, we validate ITERATOR’s efficiency through two hardware proof-of-concept implementations on ESP32 and FPGA platforms. The FPGA implementation shows the high efficiency of the protocol, attesting a single memory block in 34.3 ns.
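The idea the abstract describes, attestation as a lookup in a Cuckoo filter over memory blocks rather than one atomic hash over all of memory, as a self-contained Python illustration. This is an added example, not the authors' code and not the ITERATOR protocol itself: the block size, bucket count, fingerprint width, the per-round `budget` argument, the use of SHA-256 for fingerprints and indices, and the decision to bind each block's index into the record it looks up are all assumptions made here. The verifier provisions the filter from a known-good image; the prover checks blocks round by round, keeps its cursor between rounds, and can stop after any round.

```python
"""Added illustration: attestation as a Cuckoo-filter lookup over memory blocks.

Not the ITERATOR implementation. Block size, bucket count, fingerprint width,
the per-round budget, and binding the block index into the record are
assumptions made for this example.
"""
import hashlib
import random
from typing import List, Tuple

BLOCK_SIZE = 64   # bytes of device memory per block (assumption)
BUCKET_SIZE = 4   # fingerprints per bucket
FP_BYTES = 4      # fingerprint width; narrower saves memory but raises the false-positive rate


class CuckooFilter:
    """Minimal Cuckoo filter with partial-key cuckoo hashing (i2 = i1 XOR h(fp))."""

    def __init__(self, num_buckets: int, max_kicks: int = 500):
        if num_buckets & (num_buckets - 1):
            raise ValueError("num_buckets must be a power of two for XOR relocation")
        self.num_buckets = num_buckets
        self.max_kicks = max_kicks
        self.buckets: List[List[bytes]] = [[] for _ in range(num_buckets)]
        self.rng = random.Random(0)  # seeded so eviction choices are reproducible

    @staticmethod
    def _fingerprint(item: bytes) -> bytes:
        return hashlib.sha256(b"fp|" + item).digest()[:FP_BYTES]

    def _index(self, item: bytes) -> int:
        return int.from_bytes(hashlib.sha256(b"idx|" + item).digest()[:4], "big") % self.num_buckets

    def _alt_index(self, index: int, fp: bytes) -> int:
        h = int.from_bytes(hashlib.sha256(b"alt|" + fp).digest()[:4], "big") % self.num_buckets
        return index ^ h  # involution: alt(alt(i)) == i, so entries can move back and forth

    def _candidates(self, item: bytes) -> Tuple[bytes, int, int]:
        fp = self._fingerprint(item)
        i1 = self._index(item)
        return fp, i1, self._alt_index(i1, fp)

    def insert(self, item: bytes) -> bool:
        fp, i1, i2 = self._candidates(item)
        for i in (i1, i2):
            if len(self.buckets[i]) < BUCKET_SIZE:
                self.buckets[i].append(fp)
                return True
        i = i1
        for _ in range(self.max_kicks):  # evict a victim and push it to its other bucket
            j = self.rng.randrange(BUCKET_SIZE)
            fp, self.buckets[i][j] = self.buckets[i][j], fp
            i = self._alt_index(i, fp)
            if len(self.buckets[i]) < BUCKET_SIZE:
                self.buckets[i].append(fp)
                return True
        return False  # table full; caller must enlarge the filter

    def contains(self, item: bytes) -> bool:
        fp, i1, i2 = self._candidates(item)
        return fp in self.buckets[i1] or fp in self.buckets[i2]


def split_memory(memory: bytes) -> List[bytes]:
    return [memory[i:i + BLOCK_SIZE] for i in range(0, len(memory), BLOCK_SIZE)]


def block_record(index: int, block: bytes) -> bytes:
    # Bind the block's position to its hash so a good block copied to another
    # address does not satisfy the lookup for that address (assumption).
    return index.to_bytes(4, "big") + hashlib.sha256(block).digest()


def provision(memory: bytes, num_buckets: int = 64) -> CuckooFilter:
    """Verifier side: populate the filter from the known-good memory image."""
    filt = CuckooFilter(num_buckets)
    for idx, blk in enumerate(split_memory(memory)):
        if not filt.insert(block_record(idx, blk)):
            raise RuntimeError("filter full; increase num_buckets")
    return filt


class Prover:
    """Device side: checks blocks in rounds and may be interrupted after any round."""

    def __init__(self, memory: bytes, filt: CuckooFilter):
        self.blocks = split_memory(memory)
        self.filt = filt
        self.cursor = 0  # next block to check; persists across rounds

    def attest_round(self, budget: int) -> List[int]:
        """Check at most `budget` blocks, then return the indices whose lookup failed."""
        failed = []
        for _ in range(budget):
            idx = self.cursor
            if not self.filt.contains(block_record(idx, self.blocks[idx])):
                failed.append(idx)
            self.cursor = (idx + 1) % len(self.blocks)
            if self.cursor == 0:
                break  # one full pass over memory completed
        return failed


def demo() -> dict:
    """Constructed 1 KiB image (16 blocks) with one byte flipped in block 9."""
    good = bytes(range(256)) * 4
    filt = provision(good)
    tampered = bytearray(good)
    tampered[BLOCK_SIZE * 9 + 5] ^= 0xFF
    prover = Prover(bytes(tampered), filt)
    rounds = []
    while True:
        rounds.append(prover.attest_round(budget=5))  # 5 blocks, then yield the CPU
        if prover.cursor == 0:
            break
    return {"rounds": rounds, "flagged": sorted(i for r in rounds for i in r)}


if __name__ == "__main__":
    print(demo())
```

Two points a practitioner should keep in mind when reading this against the abstract. A lookup miss is conclusive (the block does not match the provisioned image), but a lookup hit is only probabilistic: a Cuckoo filter can report a fingerprint as present when it is not, with a rate that grows as fingerprints get narrower and buckets fill, and that residual false-positive rate is one reason a single round cannot promise 100% detection. Second, the detection state here lives only in `cursor`; an untrusted device could reset it or lie about which blocks it checked, so in a real deployment the per-round evidence still has to be authenticated to the verifier, which this toy does not attempt.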
Interruptible attestation
IoT security
Remote attestation
Cuckoo filter