Timing-Based Attestation: Sexy Defense, or the Sexiest?

Abstract

Explaining how Timing-Based Attestation (or Software-Based Attestation as it’s known when you don’t use special hardware) is an extremely sexy defensive technique. It has all the elements that make hacking in general so fun: digging through low level code, victory going to the superior understanding of the architecture/code, etc. This talk is a survey of other work in the area, while going into a little bit more depth about how we’ve used it at the kernel and BIOS level.