Mesh networks have become increasingly popular and practical in recent years. In particular, shared-media mesh networks, such as wireless or Powerline Communication (PLC) networks, etc., are often on what is referred to as Low-Power and Lossy Networks (LLNs), which are a class of network in which both the routers and their interconnect are constrained. Notably, LLN routers typically operate with highly constrained resources (e.g., processing power, memory, power source, etc.), and communicate via links that are characterized by high loss rates, low data rates, and/or instability.
An example implementation of LLNs is an “Internet of Things” network. Loosely, the term “Internet of Things” or “IoT” may be used to refer to uniquely identifiable objects (things) and their virtual representations in a network-based architecture. In particular, the next frontier in the evolution of the Internet is the ability to connect more than just computers and communication devices, but rather the ability to connect “objects” in general, such as lights, appliances, vehicles, heating, ventilating, and air-conditioning (HVAC) devices, windows and window shades and blinds, doors, locks, etc. The “Internet of Things” thus generally refers to the interconnection of objects (e.g., smart objects), such as sensors and actuators, over a computer network, which may be the public Internet and/or a private network.
Remote attestation generally refers to the process whereby a device in a network makes a claim about certain properties of its hardware, software, and/or runtime environment to a remote verifier. To prove the trustworthiness of the properties and of the device itself, the device may also include security credentials with the reported properties (e.g., based on a hardware-based root of trust, digital signatures, certificates, etc.). However, as noted above, device resources in LLNs and other mesh networks may be considerably limited, making it impractical to perform remote attestation in many LLNs.