RESEKRA: Remote Enrollment Using SEaled Keys for Remote Attestation Gómez Marín, Ernesto Parrilla Roure, Luis Mauro, Gianfranco Escobar Molero, Antonio Morales Santos, Diego Pedro Castillo Morales, María Encarnación Remote attestation Edge computing Internet of Things (IoT) Embedded systems Trusted Platform Module Funding: This research was funded by European Union’s Horizon 2020 Research and Innovation program under grant agreement No. 871518, A COmprehensive cyber-intelligence framework for resilient coLLABorative manufacturing Systems, COLLABS, and by FEDER/Junta de Andalucía- Consejería de Transformación Económica, Industria, Conocimiento y Universidades under Project BTIC- 588-UGR20. Acknowledgments: The work has been developed on a open source base with MIT license: https: //github.com/Infineon/remote-attestation-optiga-tpm (accessed on 24 June 2022). Moreover, I thank the community of TPM developers, TPM.dev, for its help in the key queries of specific elements of the TPM standard. However, any errors or problems found in the present work or in the code are solely and exclusively the responsibility of the authors of this document. This paper presents and implements a novel remote attestation method to ensure the integrity of a device applicable to decentralized infrastructures, such as those found in common edge computing scenarios. Edge computing can be considered as a framework where multiple unsupervised devices communicate with each other with lack of hierarchy, requesting and offering services without a central server to orchestrate them. Because of these characteristics, there are many security threats, and detecting attacks is essential. Many remote attestation systems have been developed to alleviate this problem, but none of them can satisfy the requirements of edge computing: accepting dynamic enrollment and removal of devices to the system, respecting the interrupted activity of devices, and last but not least, providing a decentralized architecture for not trusting in just one Verifier. This security flaw has a negative impact on the development and implementation of edge computing-based technologies because of the impossibility of secure implementation. In this work, we propose a remote attestation system that, through using a Trusted Platform Module (TPM), enables the dynamic enrollment and an efficient and decentralized attestation. We demonstrate and evaluate our work in two use cases, attaining acceptance of intermittent activity by IoT devices, deletion of the dependency of centralized verifiers, and the probation of continuous integrity between unknown devices just by one signature verification. 2022-07-22T09:17:14Z 2022-07-22T09:17:14Z 2022-07-05 journal article Gomez-Marin, E.; Parrilla, L.; Mauro, G.; Escobar-Molero, A.; Morales, D.P.; Castillo, E. RESEKRA: Remote Enrollment Using SEaled Keys for Remote Attestation. Sensors 2022, 22, 5060. [https://doi.org/10.3390/s22135060] http://hdl.handle.net/10481/76327 10.3390/s22135060 eng info:eu-repo/grantAgreement/EC/H2020/871518 http://creativecommons.org/licenses/by/4.0/ open access Atribución 4.0 Internacional MDPI