PATRIOT: Anti-Repackaging for IoT Firmware Integrity. (arXiv:2109.04337v3 [cs.CR] UPDATED)

IoT repackaging refers to an attack devoted to tampering with a legitimate
firmware package by modifying its content (e.g., injecting some malicious code)
and re-distributing it in the wild. In such a scenario, the firmware delivery
and update processes play a central role in ensuring firmware integrity.
Unfortunately, several existing solutions lack proper integrity verification,
exposing firmware to repackaging attacks. If this is not the case, they still
require an external trust anchor (e.g., signing keys or secure storage
technologies), …

firmware integrity iot