Abstract
Trusted Execution Environments (TEEs) provide hardware support to isolate the execution of sensitive operations on mobile phones for improved security. However, they are not always available for application developers to use. To provide a consistent user experience to users both with and without a TEE-enabled device, we could get help from Open-TEE, an open-source GlobalPlatform (GP)-compliant software TEE emulator. However, Open-TEE does not offer any of the security properties that hardware TEEs have. In this paper, we propose WhiteBox-TEE, which integrates white-box cryptography with Open-TEE to provide better security while still remaining compliant with GP TEE specifications. We discuss the architecture, provisioning mechanism, implementation highlights, security properties and performance issues of WhiteBox-TEE and propose possible revisions to TEE specifications to make better use of white-box cryptography in software-only TEEs.
Original language | English |
---|---|
Title of host publication | Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019 |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 177-183 |
Number of pages | 7 |
ISBN (Electronic) | 9781728167411 |
Publication status | Published - Dec 2019 |
Externally published | Yes |
Event | 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019 - Los Angeles, United States; Duration: 12 Dec 2019 → 14 Dec 2019 |
Publication series
Name | Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019 |
---|
Conference
Conference | 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019 |
---|---|
Country/Territory | United States |
City | Los Angeles |
Period | 12/12/19 → 14/12/19 |
Bibliographical note
Publisher Copyright: © 2019 IEEE.
Funding
This work is supported by TUBITAK (The Scientific and Technological Research Council of Turkey), Grant no: 5170076.
Funders | Funder number |
---|---|
TUBITAK | |
Türkiye Bilimsel ve Teknolojik Araştırma Kurumu | 5170076 |
Keywords
- Open-TEE
- Secure storage
- SPACE algorithm
- Trusted execution environment
- White-box cryptography