OP-TEE: Using the ARM Trust-Zone to Control Tamper Resistant Processors - Jorge Ramirez-Ortiz

  • Published: 3 Oct 2023
  • OP-TEE: Using the ARM Trust-Zone to Control Tamper Resistant Processors - Jorge Ramirez-Ortiz, Foundries.io Ltd.
    Whether your ARM-based system uses secure elements, enclaves or cryptographic blocks, accessing them from a Trusted Execution Environment adds an additional layer of security and features.
    In this session, we will describe two different alternatives that we recently upstreamed: the NXP SE05X EdgeLock Secure Element and the AMD/Xilinx Versal ACAP Security Library. Both execute on external CPU cores with their own operating systems, both provide access to persistent storage and cryptographic operations, and both are controlled from the Trusted Execution Environment: the former using a trampoline into the Linux kernel to gain access to the I2C bus, the latter using secure monitor calls to another exception level.
    We will cover how not only Trusted Applications executing in the TEE but also standard Normal World applications and libraries like OpenSSL can control these secure cores. We will also cover how OP-TEE extends the security capabilities of any processor with its own cryptographic library and its secure storage capabilities, backed by compliance with the GlobalPlatform API specifications.
    And if you are already an OP-TEE power user, we welcome any security-related questions.
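One concrete way a Normal World OpenSSL can reach keys held behind OP-TEE, as an added configuration example that is not part of the talk or of the OP-TEE project's own documentation: the abstract only says OpenSSL can control these secure cores, and the path assumed here is OP-TEE's PKCS#11 Trusted Application exposed to Linux through the libckteec library, loaded into OpenSSL 3 via the pkcs11-provider module. The module paths and the token label are assumptions for this example and must match the target image.

```ini
# openssl.cnf fragment (example, not shipped by OP-TEE or OpenSSL).
# OpenSSL 3 loads the pkcs11 provider, which in turn loads the
# PKCS#11 module. libckteec forwards every PKCS#11 call over the
# GlobalPlatform Client API to OP-TEE's PKCS#11 TA, so private keys
# never leave the TEE (or the secure element behind it).
openssl_conf = openssl_init

[openssl_init]
providers = provider_sect

[provider_sect]
default = default_sect
pkcs11 = pkcs11_sect

[default_sect]
activate = 1

[pkcs11_sect]
# Path of the pkcs11-provider shared object (assumed install location).
module = /usr/lib/ossl-modules/pkcs11.so
# PKCS#11 module implemented by OP-TEE's client library (assumed path).
pkcs11-module-path = /usr/lib/libckteec.so.0
# Caveat: with no PIN here, private-key operations prompt for the user PIN;
# do not embed a PIN in a world-readable file.
activate = 1

# Usage (run from the Normal World; the token label is an assumption):
#   OPENSSL_CONF=./openssl.cnf openssl pkey \
#       -in "pkcs11:token=optee;object=devkey;type=private" -pubout
#   OPENSSL_CONF=./openssl.cnf openssl dgst -sha256 -sign \
#       "pkcs11:token=optee;object=devkey;type=private" -out sig.bin data.bin
```

The check a practitioner would want is that the signing step succeeds while the key material is absent from the Normal World filesystem: the `pkcs11:` URI names the object, and any attempt to export the private part must fail at the TA. If the provider does not appear in `openssl list -providers`, the module paths above are the first thing to verify.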
