I Am a Sensor and I Approve This Message

Despite the popularity of adding sensors to mobile devices, the readings provided by these sensors cannot be trusted. Users can fabricate sensor readings with relatively little effort. This lack of trust discourages the emergence of applications where users have an incentive to lie about their sensor readings, such as falsifying a location or altering a photo taken by the camera. This paper presents a broad range of applications that would benefit from the deployment of trusted sensors, from participatory sensing to monitoring energy consumption. We present two design alternatives for making sensor readings trustworthy. Although both designs rely on the presence of a trusted platform module (TPM), they trade-off security guarantees for hardware requirements. While our first design is less secure, it requires no additional hardware beyond a TPM, unlike our second design. Finally, we present the privacy issues arising from the deployment of trusted sensors and we discuss protocols that can overcome them.