[Cryptech Tech] ARM trust zone

Joachim Strömbergson joachim at secworks.se
Sun Feb 22 20:28:39 UTC 2015


Aloha!

Peter Gutmann wrote:
> The hack described in there compromised the (insecure) TrustZone,
> then attacked the supposedly-insecure rest of the system from inside
> the security perimeter.  It's one of those neat "the calls are coming
> from *inside the house*" type of attacks :-).

From my experience talking to and working with TrustZone and TEE people,
that is really part of the security model, though. If you can get an
escape from the TA inside the TEE, most people in the field seem to
understand that any secrets inside the TEE are then free for the taking.

Right now, most TEE implementations are using a thin process-separation
mechanism. The purpose is to protect against escapes and problems in the
REE, and to trust that the other TAs inside the TEE are doing their job.

The ones that don't like this are the ones pushing for having a Secure
Element as the next protection level.


Side note:
I don't know how much you, Peter, have yet looked at the FIDO
authentication standards (esp. UAF). One thing that really scares me
with that standard is the inclusion of an Extension DOM in every
important message.

An extension with a boolean that tells the receiver (the client, i.e. the
mobile phone) what to do if one module/handler in the local stack doesn't
know how to handle the extension.

The DOM can be of arbitrary size and have any fields as long as it is a
DOM. If the FIDO client does not know how to handle this DOM and the
flag is set to false, it must then send it down the stack to lower
levels, which then must try to parse the DOM too. And pretty soon you end
up with a DOM parser inside a TA in the TEE... (What could possibly go
wrong with forcing every layer to have its own parser, esp. in
constrained environments.)

FIDO is really interesting in many ways. You could probably write a
chapter for Engineering Security on its security model, design,
mechanisms etc. ;-)

-- 
Kind regards, Yours

Joachim Strömbergson - Always in harmonic oscillation.
========================================================================
 Joachim Strömbergson          Secworks AB          joachim at secworks.se
========================================================================
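The extension handling discussed in the message above, as an added example (not code from the original message, from the FIDO specifications, or from any project): a bounds-checked extension-list handler of the kind a TA at the bottom of the stack would need when extension data reaches it. The byte encoding, the fixed maximums, and the allow-listed ids under "hyp.example." are assumptions made for this example; the encoding is a constructed simplification, not the UAF TLV wire format. It shows the checks a practitioner would want before a small trusted component accepts an arbitrary-size extension list: hard caps on count and field sizes, a length check before every read, rejection of an unknown extension whose fail_if_unknown flag is set, and skipping of unknown non-critical ones.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed, simplified extension-list encoding used only for this example
 * (it is NOT the FIDO UAF TLV wire format):
 *   count:u8
 *   per extension: flags:u8 (bit 0 = fail_if_unknown), id_len:u8, id[id_len],
 *                  data_len:u16 big-endian, data[data_len]
 */
#define MAX_EXTENSIONS 4
#define MAX_ID_LEN     32
#define MAX_DATA_LEN   256

enum ext_result {
    EXT_OK = 0,
    EXT_TRUNCATED,        /* input ended inside a field */
    EXT_TOO_MANY,         /* more extensions than this layer will hold */
    EXT_TOO_LARGE,        /* an id or data field exceeds its fixed bound */
    EXT_UNKNOWN_CRITICAL  /* unknown id with fail_if_unknown set: must fail */
};

struct ext_view {
    const uint8_t *id;   size_t id_len;
    const uint8_t *data; size_t data_len;
    bool critical;
};

/* Hypothetical allow-list of the extension ids this layer understands. */
static bool ext_known(const uint8_t *id, size_t id_len)
{
    static const char *const known[] = { "hyp.example.counter", "hyp.example.policy" };
    for (size_t i = 0; i < sizeof known / sizeof known[0]; i++) {
        size_t klen = strlen(known[i]);
        if (klen == id_len && memcmp(known[i], id, klen) == 0)
            return true;
    }
    return false;
}

/* Parse the list with strict bounds. Known extensions are written to out[];
 * unknown non-critical ones are skipped (at the innermost layer there is
 * nothing further to hand them to); unknown critical ones abort the parse.
 * No byte is read before its length has been checked against len. */
enum ext_result parse_extensions(const uint8_t *buf, size_t len,
                                 struct ext_view *out, size_t max_out, size_t *n_out)
{
    size_t pos = 0, n = 0;
    if (len < 1) return EXT_TRUNCATED;
    uint8_t count = buf[pos++];
    if (count > MAX_EXTENSIONS) return EXT_TOO_MANY;

    for (uint8_t i = 0; i < count; i++) {
        if (len - pos < 2) return EXT_TRUNCATED;
        uint8_t flags  = buf[pos++];
        uint8_t id_len = buf[pos++];
        if (id_len > MAX_ID_LEN) return EXT_TOO_LARGE;
        if (len - pos < id_len) return EXT_TRUNCATED;
        const uint8_t *id = buf + pos;
        pos += id_len;

        if (len - pos < 2) return EXT_TRUNCATED;
        size_t data_len = ((size_t)buf[pos] << 8) | buf[pos + 1];
        pos += 2;
        if (data_len > MAX_DATA_LEN) return EXT_TOO_LARGE;
        if (len - pos < data_len) return EXT_TRUNCATED;
        const uint8_t *data = buf + pos;
        pos += data_len;

        bool critical = (flags & 0x01) != 0;
        if (!ext_known(id, id_len)) {
            if (critical) return EXT_UNKNOWN_CRITICAL;
            continue;   /* fail_if_unknown == false: ignore it */
        }
        if (n >= max_out) return EXT_TOO_MANY;
        out[n++] = (struct ext_view){ id, id_len, data, data_len, critical };
    }
    *n_out = n;
    return EXT_OK;
}

/* Constructed sample inputs exercising the accept and reject paths. */
static const uint8_t SAMPLE_OK[] = {            /* known + unknown non-critical */
    2,
    0x00, 19, 'h','y','p','.','e','x','a','m','p','l','e','.','c','o','u','n','t','e','r',
    0x00, 0x02, 0xAA, 0xBB,
    0x00, 3, 'z','z','z', 0x00, 0x00
};
static const uint8_t SAMPLE_CRITICAL[]  = { 1, 0x01, 3, 'z','z','z', 0x00, 0x00 };
static const uint8_t SAMPLE_TRUNCATED[] = { 1, 0x00, 3, 'z','z','z', 0x00, 0x05, 0xAA };
static const uint8_t SAMPLE_OVERSIZED[] = {     /* data_len 257 > MAX_DATA_LEN */
    1, 0x00, 19, 'h','y','p','.','e','x','a','m','p','l','e','.','c','o','u','n','t','e','r',
    0x01, 0x01
};

/* Returns the number of handled extensions for SAMPLE_OK, or a negative code. */
int demo_accept_known_skip_unknown(void)
{
    struct ext_view views[MAX_EXTENSIONS];
    size_t n = 0;
    if (parse_extensions(SAMPLE_OK, sizeof SAMPLE_OK, views, MAX_EXTENSIONS, &n) != EXT_OK)
        return -1;
    return (n == 1 && views[0].data_len == 2 && views[0].data[0] == 0xAA) ? (int)n : -2;
}

enum ext_result demo_parse(const uint8_t *buf, size_t len)
{
    struct ext_view views[MAX_EXTENSIONS];
    size_t n = 0;
    return parse_extensions(buf, len, views, MAX_EXTENSIONS, &n);
}
```

The design choice worth noting is that every maximum is a compile-time constant and every field is validated before it is touched, so the handler needs no dynamic allocation and its worst-case work is bounded by the caps, which is what a parser living inside a TA has to guarantee regardless of how large the DOM sent down from the client is.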

