Unicorn: Two-Factor Attestation for Data Security
Malware and phishing are two major threats for users seeking to perform security-sensitive tasks using computers to-day. To mitigate these threats, the authors introduce Unicorn, which combines the phishing protection of standard security tokens and malware protection of trusted computing hardware. The Unicorn security token holds user authentication credentials, but only releases them if it can verify an attestation that the user's computer is free of malware. In this way, the user is released from having to remember passwords, as well as having to decide when it is safe to use them.