New Results for Timing-Based Attestation

Xeno Kovah, Corey Kallenberg, Chris Weathers, Amy Herzog, Matthew Albin, John Butterworth
May, 2012
Cite Whitepaper (PDF)

Abstract

In this talk we coined the term Timing-Based Attestation (TBA) to refer to what was previously called “software-based attestation”, to emphasize its reliance of detection of timing side-channel information. Showed the feasibility of using TBA 1) from the Windows kernel driver 2) across a real enterprise network and 3) with the TPM instead of just network round trip time. Also laid out the 3 necessary conditions for TOCTOU attacks to subvert TBA.

Type
Conference paper
Publication
In IEEE Symposium on Security & Privacy
remote attestation timing-based attestation Windows security Windows kernel security memory integrity verification
Xeno Kovah
Xeno Kovah
Dark Mentor Level X

Hacking firmware like it’s no big deal.