Syllabus
Intro
Outline
Hardware-security mechanisms are pervasive
What is remote attestation?
Attestation requirements
Attestation Protocol
Attestation in practice
Desiderata for messaging protocols
The limits of deniability?
When is (cryptographic) deniability useful?
A new kind of attack
The dangers of undeniable communications
What do deniable protocols look like?
Deniable protocols: Off-the-Record (OTR)
Deniable protocols: Signal Protocol
An overview of our attack
Key point: TEEs let us prove that a key was secret
Modifying a Signal client
The result: an attested transcript
Demo
Switch to online-deniable protocols
Defensive remote attestation
Put the human in the loop
Countermeasures
Not just messaging protocols
Black Hat Sound Bytes
Taught by
Black Hat