Open-TEE is no longer virtual: Towards software-only trusted execution environments using white-box cryptography

Kemal Bicakci; Ihsan Kagan Ak; Betul Askin Ozdemir; Mesut Gozutok

doi:10.1109/TPS-ISA48467.2019.00029

Open-TEE is no longer virtual: Towards software-only trusted execution environments using white-box cryptography

Kemal Bicakci
, Ihsan Kagan Ak
, Betul Askin Ozdemir
, Mesut Gozutok

TOBB University of Economics and Technology
Middle East Technical University
Turkish Armed Forces Foundation

Araştırma çıktısı: Kitap/Rapor/Konferans Bildirisinde Bölüm › Konferans katkısı › Hakem

Özet

Trusted Execution Environments (TEEs) provide hardware support to isolate the execution of sensitive operations on mobile phones for improved security. However, they are not always available to use for application developers. To provide a consistent user experience to those who have and do not have a TEE-enabled device, we could get help from Open-TEE, an open-source GlobalPlatform (GP)-compliant software TEE emulator. However, Open-TEE does not offer any of the security properties hardware TEEs have. In this paper, we propose WhiteBox-TEE which integrates white-box cryptography with Open-TEE to provide better security while still remaining complaint with GP TEE specifications. We discuss the architecture, provisioning mechanism, implementation highlights, security properties and performance issues of WhiteBox-TEE and propose possible revisions to TEE specifications to have better use of white-box cryptography in software-only TEEs.

Orijinal dil	İngilizce
Ana bilgisayar yayını başlığı	Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019
Yayınlayan	Institute of Electrical and Electronics Engineers Inc.
Sayfalar	177-183
Sayfa sayısı	7
ISBN (Elektronik)	9781728167411
DOI'lar	https://doi.org/10.1109/TPS-ISA48467.2019.00029
Yayın durumu	Yayınlandı - Ara 2019
Harici olarak yayınlandı	Evet
Etkinlik	1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019 - Los Angeles, United States Süre: 12 Ara 2019 → 14 Ara 2019

Yayın serisi

Adı	Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019

???event.eventtypes.event.conference???

???event.eventtypes.event.conference???	1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019
Ülke/Bölge	United States
Şehir	Los Angeles
Periyot	12/12/19 → 14/12/19

Bibliyografik not

Publisher Copyright:
© 2019 IEEE.

Finansman

This work is supported by TUBITAK (The Scientific and Technological Research Council of Turkey), Grant no: 5170076.

Finansörler	Finansör numarası
TUBITAK
Türkiye Bilimsel ve Teknolojik Araştirma Kurumu	5170076

Belgeye Erişim

10.1109/TPS-ISA48467.2019.00029

Diğer Dosyalar ve Linkler

Link to publication in Scopus

Alıntı Yap

Bicakci, K., Ak, I. K., Ozdemir, B. A., & Gozutok, M. (2019). Open-TEE is no longer virtual: Towards software-only trusted execution environments using white-box cryptography. In Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019 (pp. 177-183). Makale 9014373 (Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/TPS-ISA48467.2019.00029

Bicakci, Kemal ; Ak, Ihsan Kagan ; Ozdemir, Betul Askin et al. / Open-TEE is no longer virtual : Towards software-only trusted execution environments using white-box cryptography. Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019. Institute of Electrical and Electronics Engineers Inc., 2019. pp. 177-183 (Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019).

@inproceedings{62a3a30cad3f4610b704fa9ebbd956ad,

title = "Open-TEE is no longer virtual: Towards software-only trusted execution environments using white-box cryptography",

abstract = "Trusted Execution Environments (TEEs) provide hardware support to isolate the execution of sensitive operations on mobile phones for improved security. However, they are not always available to use for application developers. To provide a consistent user experience to those who have and do not have a TEE-enabled device, we could get help from Open-TEE, an open-source GlobalPlatform (GP)-compliant software TEE emulator. However, Open-TEE does not offer any of the security properties hardware TEEs have. In this paper, we propose WhiteBox-TEE which integrates white-box cryptography with Open-TEE to provide better security while still remaining complaint with GP TEE specifications. We discuss the architecture, provisioning mechanism, implementation highlights, security properties and performance issues of WhiteBox-TEE and propose possible revisions to TEE specifications to have better use of white-box cryptography in software-only TEEs.",

keywords = "Open-TEE, SPACE algorithm, Secure storage, Trusted execution environment, White-box cryptography",

author = "Kemal Bicakci and Ak, \{Ihsan Kagan\} and Ozdemir, \{Betul Askin\} and Mesut Gozutok",

note = "Publisher Copyright: {\textcopyright} 2019 IEEE.; 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019 ; Conference date: 12-12-2019 Through 14-12-2019",

year = "2019",

month = dec,

doi = "10.1109/TPS-ISA48467.2019.00029",

language = "English",

series = "Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "177--183",

booktitle = "Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019",

address = "United States",

}

Bicakci, K, Ak, IK, Ozdemir, BA & Gozutok, M 2019, Open-TEE is no longer virtual: Towards software-only trusted execution environments using white-box cryptography. in Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019., 9014373, Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019, Institute of Electrical and Electronics Engineers Inc., pp. 177-183, 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019, Los Angeles, United States, 12/12/19. https://doi.org/10.1109/TPS-ISA48467.2019.00029

Open-TEE is no longer virtual: Towards software-only trusted execution environments using white-box cryptography. / Bicakci, Kemal; Ak, Ihsan Kagan; Ozdemir, Betul Askin et al.
Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019. Institute of Electrical and Electronics Engineers Inc., 2019. p. 177-183 9014373 (Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019).

Araştırma çıktısı: Kitap/Rapor/Konferans Bildirisinde Bölüm › Konferans katkısı › Hakem

TY - GEN

T1 - Open-TEE is no longer virtual

T2 - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019

AU - Bicakci, Kemal

AU - Ak, Ihsan Kagan

AU - Ozdemir, Betul Askin

AU - Gozutok, Mesut

PY - 2019/12

Y1 - 2019/12

N2 - Trusted Execution Environments (TEEs) provide hardware support to isolate the execution of sensitive operations on mobile phones for improved security. However, they are not always available to use for application developers. To provide a consistent user experience to those who have and do not have a TEE-enabled device, we could get help from Open-TEE, an open-source GlobalPlatform (GP)-compliant software TEE emulator. However, Open-TEE does not offer any of the security properties hardware TEEs have. In this paper, we propose WhiteBox-TEE which integrates white-box cryptography with Open-TEE to provide better security while still remaining complaint with GP TEE specifications. We discuss the architecture, provisioning mechanism, implementation highlights, security properties and performance issues of WhiteBox-TEE and propose possible revisions to TEE specifications to have better use of white-box cryptography in software-only TEEs.

AB - Trusted Execution Environments (TEEs) provide hardware support to isolate the execution of sensitive operations on mobile phones for improved security. However, they are not always available to use for application developers. To provide a consistent user experience to those who have and do not have a TEE-enabled device, we could get help from Open-TEE, an open-source GlobalPlatform (GP)-compliant software TEE emulator. However, Open-TEE does not offer any of the security properties hardware TEEs have. In this paper, we propose WhiteBox-TEE which integrates white-box cryptography with Open-TEE to provide better security while still remaining complaint with GP TEE specifications. We discuss the architecture, provisioning mechanism, implementation highlights, security properties and performance issues of WhiteBox-TEE and propose possible revisions to TEE specifications to have better use of white-box cryptography in software-only TEEs.

KW - Open-TEE

KW - SPACE algorithm

KW - Secure storage

KW - Trusted execution environment

KW - White-box cryptography

UR - https://www.scopus.com/pages/publications/85082239883

U2 - 10.1109/TPS-ISA48467.2019.00029

DO - 10.1109/TPS-ISA48467.2019.00029

M3 - Conference contribution

AN - SCOPUS:85082239883

T3 - Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019

SP - 177

EP - 183

BT - Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 12 December 2019 through 14 December 2019

ER -

Bicakci K, Ak IK, Ozdemir BA, Gozutok M. Open-TEE is no longer virtual: Towards software-only trusted execution environments using white-box cryptography. In Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019. Institute of Electrical and Electronics Engineers Inc. 2019. p. 177-183. 9014373. (Proceedings - 1st IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2019). doi: 10.1109/TPS-ISA48467.2019.00029

Open-TEE is no longer virtual: Towards software-only trusted execution environments using white-box cryptography

Özet

Yayın serisi

???event.eventtypes.event.conference???

Bibliyografik not

Finansman

Belgeye Erişim

Diğer Dosyalar ve Linkler

Parmak izi

Alıntı Yap