To improve the security and efficiency of remote attestation (RA) for embedded systems, this study proposes mutual authentication-based RA scheme for embedded systems. Especially, the authors design an RA framework based on authentication agents and measurement agents, which combines the mutually anonymous identity authentication scheme with the platform integrity attestation. During the identity authentication period, based on the traditional direct anonymous authentication scheme, the time-stamping mechanism and the mutual direct anonymous attestation mechanism are proposed to achieve bidirectional anonymous authentication of both parties in the communication. During the platform integrity attestation period, combining with the locality principle, they improve the data structure for storing the integrity measurements of the module and propose an RA mechanism based on locality principle-based hash tree. This mechanism can shorten the length of the certification path and improve the verification efficiency of platform configuration integrity certification. Furthermore, experimental results and analysis show that the efficiency of the proposed scheme is superior to the existing schemes.

中文翻译：

---

基于互认证的嵌入式系统远程认证方案

为了提高嵌入式系统远程认证（RA）的安全性和效率，本研究提出了一种基于相互认证的嵌入式系统RA方案。特别是，作者设计了一种基于身份验证代理和度量代理的RA框架，该框架将相互匿名身份认证方案与平台完整性证明相结合。在身份认证期间，基于传统的直接匿名认证方案，提出了时间戳机制和相互直接匿名认证机制，以实现通信双方的双向匿名认证。在平台完整性认证期间，结合本地性原则，他们改进了用于存储模块完整性度量的数据结构，并提出了基于基于局部性原理的哈希树的RA机制。这种机制可以缩短认证路径的长度，提高平台配置完整性认证的验证效率。此外，实验结果和分析表明，该方案的效率优于现有方案。