Hi Arvind,
Arvind Seshadri wrote:
> Pioneer provides the stronger guarantee that the program whose integrity is checked is the one that is invoked for execution. In other words, an attacker cannot modify the program between the time its integrity is checked and the time the program is invoked for execution. Also, whereas

But an attacker can modify the program directly after its execution has started. So Pioneer secures exactly one machine instruction more than SEBOS. I don't think that this is impressive. With current hardware it is impossible (except if you use an IOMMU) to guarantee that a program is not modified during execution. I hope I didn't discourage you and am still very interested in the results of Pioneer.

> AEGIS and TCG only measure programs loaded at system boot, Pioneer can measure and launch programs at any point in time. The property provided by Pioneer is, therefore, similar to the late-launch capability of Intel's LT and AMD's SVM, which can be used to design systems with substantially smaller trusted computing bases than AEGIS and TCG. Unlike LT and SVM however, Pioneer is completely software-based and can be used on legacy systems.

Only on legacy systems with LinuxBIOS or on all legacy systems?
Regards, Carl-Daniel