Verifiable Code Execution

Pioneer [1]

An untrusted computing platform can tamper with code execution in at least three ways:

  1. modifying the code before invoking it;
  2. executing alternate code; or
  3. modifying execution state, such as memory or registers, while the code is running.

Pioneer: a challenge-response protocol between a trusted and an untrusted platform.

Assurance that:

  1. an arbitrary piece of code (the executable) on the untrusted platform is unmodified;
  2. the unmodified executable is invoked for execution on the untrusted platform;
  3. the executable is executed untampered, despite the presence of malicious software on the untrusted platform.
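
The challenge-response exchange behind the first assurance, as an added sketch that is not code from the Pioneer paper or from this page. The nonce-keyed HMAC-SHA256 is a stand-in for Pioneer's own checksum function, and `EXECUTABLE`, `Verifier`, `untrusted_respond` and `run_demo` are hypothetical names with constructed sample bytes.

```python
import hashlib
import hmac
import secrets

EXECUTABLE = b"\x55\x48\x89\xe5\xb8\x2a\x00\x00\x00\x5d\xc3"  # constructed sample image


def checksum(nonce: bytes, image: bytes) -> bytes:
    """Nonce-keyed digest over the image (stand-in for Pioneer's checksum)."""
    return hmac.new(nonce, image, hashlib.sha256).digest()


class Verifier:
    """Trusted platform: holds a known-good copy of the executable."""

    def __init__(self, known_good: bytes):
        self.known_good = known_good
        self.pending = set()  # nonces issued but not yet answered

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)  # fresh per run, so answers cannot be precomputed
        self.pending.add(nonce)
        return nonce

    def verify(self, nonce: bytes, response: bytes) -> bool:
        if nonce not in self.pending:
            return False  # unknown or already-answered challenge (replay)
        self.pending.discard(nonce)
        expected = checksum(nonce, self.known_good)
        return hmac.compare_digest(expected, response)


def untrusted_respond(nonce: bytes, image_in_memory: bytes) -> bytes:
    """Untrusted platform: checksums whatever image it actually holds."""
    return checksum(nonce, image_in_memory)


def run_demo() -> dict:
    v = Verifier(EXECUTABLE)
    n1 = v.challenge()
    good = untrusted_respond(n1, EXECUTABLE)
    results = {"unmodified": v.verify(n1, good)}
    results["replayed"] = v.verify(n1, good)  # same nonce answered twice
    n2 = v.challenge()
    results["stale_response"] = v.verify(n2, good)  # old answer, new nonce
    n3 = v.challenge()
    patched = EXECUTABLE.replace(b"\x2a", b"\x2b")  # one modified byte
    results["modified"] = v.verify(n3, untrusted_respond(n3, patched))
    return results
```

This sketch covers only the first assurance: a platform that keeps a clean copy beside the modified one could still answer correctly. Pioneer closes that gap with a self-checksumming verification function whose response time the trusted platform measures, which is not modelled here.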

  1. Pioneer: Verifying Code Integrity and Enforcing Untampered Code Execution on Legacy Systems. SOSP, 2005.
Created Aug 12, 2019 // Last Updated Aug 12, 2019
