| 摘要 |
Methods and systems for preventing clock rollback attacks are described herein. A rollback attack may occur when a user manually sets a system clock to a date/time earlier than the actual present day date and time, thereby tricking any software relying on the system clock to believe it is in fact the earlier date and time rather than the current date and time. According to aspects described herein, a particular application may check and store a record of the system time when an application goes inactive (or at intervals) and again when the application subsequently is activated again. When the application determines that the time has gone backward, the application (or system) may take some remedial measure(s) to prevent further use of the application (or system) until the user reestablishes trust (e.g., by reauthenticating or reestablishing a connection with a trusted time server). |
