USENIX Conference Policies
Side Effects Are Not Sufficient to Authenticate Software
Kennell and Jamieson recently introduced the Genuinity system for authenticating trusted software on a remote machine without using trusted hardware. Genuinity relies on machine-specific computations, incorporating side effects that cannot be simulated quickly. The system is vulnerable to a novel attack, which we call a substitution attack. We implement a successful attack on Genuinity, and further argue this class of schemes are not only impractical but unlikely to succeed without trusted hardware.
BibTeX
@inproceedings {269608,
author = {Umesh Shankar and Monica Chew and J.D. Tygar},
title = {Side Effects Are Not Sufficient to Authenticate Software},
booktitle = {13th USENIX Security Symposium (USENIX Security 04)},
year = {2004},
address = {San Diego, CA},
url = {https://www.usenix.org/conference/13th-usenix-security-symposium/side-effects-are-not-sufficient-authenticate-software},
publisher = {USENIX Association},
month = aug
}
author = {Umesh Shankar and Monica Chew and J.D. Tygar},
title = {Side Effects Are Not Sufficient to Authenticate Software},
booktitle = {13th USENIX Security Symposium (USENIX Security 04)},
year = {2004},
address = {San Diego, CA},
url = {https://www.usenix.org/conference/13th-usenix-security-symposium/side-effects-are-not-sufficient-authenticate-software},
publisher = {USENIX Association},
month = aug
}