The Undeniable Truth - How Remote Attestation Circumvents Deniability Guarantees in Secure Messaging Protocols

Offered By: Black Hat via YouTube

Course Description

Overview

Explore the intricacies of secure messaging protocols and the challenges posed by remote attestation in this 50-minute Black Hat conference talk. Delve into the design of protocols that resist attackers using remote attestation, examining both cryptographic methods like online-deniable key establishment and Trusted Execution Environment (TEE) approaches. Understand the concept of remote attestation, its requirements, and practical applications. Investigate the desirable features of messaging protocols and the limitations of deniability. Analyze the potential dangers of undeniable communications and examine examples of deniable protocols such as Off-the-Record (OTR) and Signal Protocol. Discover a new type of attack that exploits TEEs to prove key secrecy, and witness a demonstration of an attested transcript. Learn about defensive strategies, including online-deniable protocols and human-in-the-loop approaches. Consider the broader implications beyond messaging protocols and gain valuable insights into the evolving landscape of secure communication.

Syllabus

Intro
Outline
Hardware-security mechanisms are pervasive
What is remote attestation?
Attestation requirements
Attestation Protocol
Attestation in practice
Desiderata for messaging protocols
The limits of deniability?
When is (cryptographic) deniability useful?
A new kind of attack
The dangers of undeniable communications
What do deniable protocols look like?
Deniable protocols: Off-the-Record (OTR)
Deniable protocols: Signal Protocol
An overview of our attack
Key point: TEEs let us prove that a key was secret
Modifying a Signal client
The result: an attested transcript
Demo
Switch to online-deniable protocols
Defensive remote attestation
Put the human in the loop
Countermeasures
Not just messaging protocols
Black Hat Sound Bytes


Taught by

Black Hat
