SeCReT: Secure Channel between Rich Execution Environment and Trusted Execution Environment
نویسندگان
چکیده
ARM TrustZone, which provides a Trusted Execution Environment (TEE), normally plays a role in keeping security-sensitive resources safe. However, to properly control access to the resources, it is not enough to just isolate them from the Rich Execution Environment (REE). In addition to the isolation, secure communication should be guaranteed between security-critical resources in the TEE and legitimate REE processes that are permitted to use them. Even though there is a TEE security solution — namely, a kernel-integrity monitor — it aims to protect the REE kernel’s static regions, not to secure communication between the REE and TEE. We propose SeCReT to ameliorate this problem. SeCReT is a framework that builds a secure channel between the REE and TEE by enabling REE processes to use session keys in the REE that is regarded as unsafe region. SeCReT provides the session key to a requestor process only when the requestor’s code and control flow integrity are verified. To prevent the key from being exposed to an attacker who already compromised the REE kernel, SeCReT flushes the key from the memory every time the processor switches into kernel mode. In this paper, we present the design and implementation of SeCReT to show how it protects the key in the REE. Our prototype is implemented on Arndale board, which offers a Cortex-A15 dual-core processor with TrustZone as its security extension. We performed a security analysis by using a kernel rootkit and also ran LMBench microbenchmark to evaluate the performance overhead imposed by SeCReT.
منابع مشابه
TruSense: Information Leakage from TrustZone
With the emergence of Internet of Things, mobile devices are generating more network traffic than ever. TrustZone is a hardware-enabled trusted execution environment for ARM processors. While TrustZone is effective in providing the muchneeded memory isolation, we observe that it is possible to derive secret information from secure world using the cache contention, due to its high-performance ca...
متن کاملSecure Application Execution in Mobile Devices
Smart phones have rapidly become hand-held mobile devices capable of sustaining multiple applications. Some of these applications allow access to services including healthcare, financial and online social networks and are becoming common in the smart phone environment. From a security and privacy point of view, this seismic shift is creating new challenges, as the smart phone environment is bec...
متن کاملMobile devices as secure eid reader using trusted execution environments
This work presents a prototype implementation of a smartphone as secure eID reader using NFC technology. The presented approach aims to reach a security level close to standalone smart card readers. This security level will be allowed by the means of a trusted execution environment (TEE) which allows strong isolation and separation for critical applications and provides trusted, not interceptab...
متن کاملTrusted Code Execution on Untrusted Platforms Using Intel Sgx
Today, isolated trusted computation and code execution is of paramount importance to protect sensitive information and workfl ows from other malicious privileged or unprivileged software. Intel Software Guard Extensions (SGX) is a set of security architecture extensions fi rst introduced in the Skylake microarchitecture that enables a Trusted Execution Environment (TEE). It provides an ‘inverse...
متن کاملSAKE: Software Attestation for Key Establishment in Sensor Networks
This paper presents a protocol called SAKE (Software Attestation for Key Establishment), for establishing a shared key between any two neighboring nodes of a sensor network. SAKE guarantees the secrecy and authenticity of the key that is established, without requiring any prior authentic or secret information in either node. In other words, the attacker can read and modify the entire memory con...
متن کامل