Scribd
Upload
27 views15 pages

Open TEE Intro

Uploaded by

Purnomo Wahyu Hidayat
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
27 views15 pages

Open TEE Intro

Uploaded by

Purnomo Wahyu Hidayat
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 15

Open-TEE Tutorial

An open virtual Trusted Execution Environment

Brian McGillion, Tanel Dettenborn


Intel
N. Asokan
Aalto University and University of Helsinki
What is a TEE?

Execution Environment

2
What is a TEE?

Processor, memory,
storage, peripherals

Trusted Execution Environment

Isolated and integrity-


protected Chances are that:
You have devices with hardware-based TEEs in them!
But you probably don’t have (m)any apps using them

From the “normal” execution environment


(Rich Execution Environment)

Mobile Trusted Computing. Proceedings of the IEEE 102(8): 1189-1206 (2014)


The Untapped Potential of Trusted Execution Environments on Mobile Devices. IEEE Security & Privacy 12(4): 29-37 (2014) 3
Outline
• Introduction - Asokan
– Why do mobile devices have TEEs?
– What constitutes a TEE?
– Mobile hardware security APIs

• Nuts and Bolts of Open-TEE - Brian

4
Why do most mobile devices today have TEEs?

A LOOK BACK
Platform security for mobile devices
Mobile network operators
Regulators
1. Subsidy locks  immutable ID
1. RF type approval  secure storage
2. Copy protection  device
2. Theft deterrence  immutable ID
authentication, app separation
3. …
3. …

End users
1. Reliability  app separation Closed  open
2. Theft deterrence  immutable ID
3. Privacy  app separation
Different expectations
4. … compared to PCs

6
Early adoption of platform security
GSM 02.09, 1993

3GPP TS 42.009, 2001

Different starting points compared to PCs:


Widespread use of hardware and software platform security

~2001 ~2002 ~2005 ~2008

Old, new, borrowed, blue --: a perspective on the evolution of mobile platform security
architectures. CODASPY 2011: 13-24
7
TEE system architecture

Device

Rich execution
environment (REE) Architectures with single TEE
• ARM TrustZone
Trusted execution
App App • TI M-Shield
environment (TEE)
• Smart card
TEE API
• Crypto co-processor
Trusted Trusted
app app • Trusted Platform Module
Device OS (TPM)
TEE management layer
Architectures with multiple TEEs
• Intel SGX
TEE entry • TPM (and “Late Launch”)
• Hypervisor
Device hardware and firmware with TEE support

8
Figure adapted from: Global Platform. TEE system architecture. 2011.
Legend:
SoC : system-on-chip
OTP: one-time programmable

TEE hardware realization alternatives


TEE component

External Off-chip External Off-chip External Off-chip


Peripherals memory Peripherals Memory Peripherals Memory

On-SoC On-SoC On-SoC


Processor Processor Processor
RAM ROM core(s) RAM ROM core(s) RAM ROM core(s)

OTP Internal OTP Internal OTP Internal


Fields peripherals Fields peripherals Fields peripherals

On-chip Security
Subsystem

External Security
Co-processor

External Secure Element Embedded Secure Element Processor Secure Environment


(TPM, smart card) (smart card) (TrustZone, M-Shield)
9
Figure adapted from: Global Platform. TEE system architecture. 2011.
Mobile TEE deployment

• TrustZone support available in majority of


current smartphones
• Mainly used for manufacturer internal purposes
– Digital rights management, Subsidy lock…

Normal world Secure world


• APIs for developers?
App App

Trusted Trusted
app app
Mobile OS
Trusted OS

TEE entry
Smartphone hardware

10
Android Key Store API
Android Key Store example

// create RSA key pair


Context ctx;
KeyPairGeneratorSpec spec = new KeyPairGeneratorSpec.Builder(ctx);
spec.setAlias(”key1")

spec.build();

KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");


gen.initialize(spec);
KeyPair kp = gen.generateKeyPair();

// use private key for signing


AndroidRsaEngine rsa = new AndroidRsaEngine("key1", true);
PSSSigner signer = new PSSSigner(rsa, …);
signer.init(true, …);
signer.update(signedData, 0, signedData.length);
byte[] signature = signer.generateSignature();
Elenkov. Credential storage enhancements in Android 4.3. 2013.
Elenkov, Keystore redesign in Android M, 2015. 11
Key Store implementation: example

Android device

Normal world Secure world Keymaster operations


Android Android • Public key algorithms
app app
• Symmetric key algorithms (AES,
Java Cryptography
Extensions (JCE) Keymaster HMAC) from v1.0
Trusted app
• Access control, key usage
Android OS
Qualcomm Secure
Execution Environment
restrictions
libQSEEcomAPI.so (QSEE)

Persistent storage on Normal World


TEE entry
ARM with TrustZone

Elenkov. Credential storage enhancements in Android 4.3. 2013.


Android, Hardware-backed Keystore, 2015 12
Android Key Store
• Available operations
– Signatures
– Encryption/decryption
• Developers cannot utilize programmability of mobile TEEs
– Not possible to run arbitrary trusted applications

• Global Platform is standardizing TEE APIs

• Different API abstraction and architecture needed…


• Example: On-board Credentials
Open-TEE
• Specifications provide sufficient basis for TA development

• Issues
– Application installation (provisioning) model not yet defined
– Access to TEE typically controlled by the manufacturer
– User interaction

• Open TEE
– Virtual TEE platform for prototyping and testing
– Implements GP TEE interfaces
– https://github.com/Open-TEE
Open-TEE - An Open Virtual Trusted Execution
Environment. TrustCom/BigDataSE/ISPA (1) 2015: 400-407

http://www.theregister.co.uk/2015/06/30/opentee_an_open_virtual_trusted_execution_environment/
Extra slides

You might also like