Umesh Shankar and Monica Chew and J. D. Tygar

EECS Department, University of California, Berkeley

Technical Report No. UCB/CSD-04-1363

, 2004

http://www2.eecs.berkeley.edu/Pubs/TechRpts/2004/CSD-04-1363.pdf

Kennell and Jamieson recently introduced the Genuinity system for authenticating trusted software on a remote machine without using trusted hardware. Genuinity relies on machine-specific computations, incorporating side effects that cannot be simulated quickly. The system is vulnerable to a novel attack, which we call a substitution attack. We implement a successful attack on Genuinity, and further argue this class of schemes are not only impractical but unlikely to succeed without trusted hardware.

---

BibTeX citation:

@techreport{Shankar:CSD-04-1363,
    Author= {Shankar, Umesh and Chew, Monica and Tygar, J. D.},
    Title= {Side Effects Are Not Sufficient to Authenticate Software},
    Year= {2004},
    Month= {Sep},
    Url= {http://www2.eecs.berkeley.edu/Pubs/TechRpts/2004/6207.html},
    Number= {UCB/CSD-04-1363},
    Abstract= {Kennell and Jamieson recently introduced the Genuinity system for authenticating trusted software on a remote machine without using trusted hardware. Genuinity relies on machine-specific computations, incorporating side effects that cannot be simulated quickly. The system is vulnerable to a novel attack, which we call a substitution attack. We implement a successful attack on Genuinity, and further argue this class of schemes are not only impractical but unlikely to succeed without trusted hardware.},
}

EndNote citation:

%0 Report
%A Shankar, Umesh 
%A Chew, Monica 
%A Tygar, J. D. 
%T Side Effects Are Not Sufficient to Authenticate Software
%I EECS Department, University of California, Berkeley
%D 2004
%@ UCB/CSD-04-1363
%U http://www2.eecs.berkeley.edu/Pubs/TechRpts/2004/6207.html
%F Shankar:CSD-04-1363