Skip to main content
SpringerLink
Log in
Book cover

International Conference on Information Security Practice and Experience

ISPEC 2017: Information Security Practice and Experience pp 802–813Cite as

An Effective Authentication for Client Application Using ARM TrustZone

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10701))

Abstract

Owing to lack of authentication for client application (CA), traditional protection mechanism based on ARM TrustZone may lead to the sensitive data leakage within trusted execution environment (TEE). Furthermore, session resources will be occupied by malicious CA due to the design drawback for session mechanism between CA and trusted application (TA). Therefore, attackers can initiate a request to read the data stored in secure world or launch DoS attack by forging malicious CA. In order to address the authentication problems, this paper proposes a CA authentication scheme using ARM TrustZone. When CA establishes a session with trusted application, a CA authentication will be executed in TEE to prevent sensitive data from being accessed by malicious. At the same time, TA closes the session and releases occupied resources. The proposed authentication scheme is implemented on simulation platform built by QEMU and OP-TEE. The experimental results show that the proposed scheme can detect the content change of CA, avoid sensitive data leakage and prevent DoS attack.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Yang, X., Liu, Z., Lei, H., et al.: Research and implementation of fingerprint identification security technology based on ARM TrustZone. Comput. Sci. 43(7), 147–152 (2016)

    Google Scholar 

  2. Zhang, N., Sun, K., Lou, W., et al.: CaSE: cache-assisted secure execution on ARM processors. In: 2016 IEEE Symposium on Security and Privacy, pp. 72–90. IEEE, San Jose (2016)

    Google Scholar 

  3. Ge, X., Vijayakumar, H., Jaeger, T.: Sprobes: enforcing kernel code integrity on the TrustZone architecture. Comput. Sci. 25(6), 1793–1795 (2014)

    Google Scholar 

  4. Wool, A., Wool, A.: Secure containers in Android: the Samsung KNOX case study. In: The Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 3–12. ACM, Vienna (2016)

    Google Scholar 

  5. Shen, D.: Exploiting Trustzone on Android. Black Hat USA Briefings. https://www.blackhat.com/docs/us-15/materials/us-15-Shen-Attacking-Your-Trusted-CoreExploiting-Trustzone-On-Android-wp.pdf

  6. ARM Limited.: ARM Security Technology: Building a Secure System using TrustZone® Technology

    Google Scholar 

  7. OP-TEE. https://github.com/OP-TEE/optee_os. Accessed 1 Oct 2017

  8. Linaro. https://www.linaro.org/blog/core-dump/op-tee-open-source-security-mass-market/

  9. Fitzek, A., Achleitner, F., Winter, J., et al.: The ANDIX research OS — ARM TrustZone meets industrial control systems security. In: 13th International Conference on Industrial Informatics, pp. 88–93. IEEE, Cambridge (2015)

    Google Scholar 

  10. Sun, H., Sun, K., Wang, Y., et al.: TrustICE: hardware-assisted isolated computing environments on mobile devices. In: 15th IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 367–378. IEEE, Rio de Janeiro (2015)

    Google Scholar 

  11. Winter, J., Wiegele, P., Pirker, M., Tögl, R.: A flexible software development and emulation framework for ARM TrustZone. In: Chen, L., Yung, M., Zhu, L. (eds.) INTRUST 2011. LNCS, vol. 7222, pp. 1–15. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32298-3_1

    Chapter  Google Scholar 

  12. Rijswijk-Deij, R.V., Poll, E.: Using trusted execution environments in two-factor authentication: comparing approaches. Open Identity Summit, pp. 387–393 (2013)

    Google Scholar 

  13. Coombs, R: Securing the future of authentication with ARM TrustZone-based trusted execution environment and fast identity online (FIDO). ARM White paper (2015)

    Google Scholar 

  14. Jang, J., Kong, S., Kim, M., et al.: SeCReT: secure channel between rich execution environment and trusted execution environment. In: Network and Distributed System Security Symposium (2015)

    Google Scholar 

  15. Zhao, X., Yu, Q., et al.: A private user data protection mechanism in TrustZone architecture based on identity authentication. Tsinghua Sci. Technol. 22(2), 218–225 (2017)

    Article  Google Scholar 

  16. Zhao, B., Ma, J., Xiao, Y., et al.: TSSP: a session scheduling method in TrustZone architecture. Adv. Eng. Sci. 49(1), 151–158 (2017)

    Google Scholar 

Download references

Acknowledgment

Thanks to project supported by the National Natural Science Foundation of China (No. 61572516).

Author information

Authors and Affiliations

  1. State Key Laboratory of Mathematic Engineering and Advanced Computing, Zhengzhou, China

    Hang Jiang, Rui Chang, Lu Ren, Weiyu Dong & Liehui Jiang

  2. School of Information Technology, Deakin University, Geelong, Australia

    Shuiqiao Yang

Authors
  1. Hang Jiang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Rui Chang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Lu Ren
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Weiyu Dong
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Liehui Jiang
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Shuiqiao Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Rui Chang .

Editor information

Editors and Affiliations

  1. Monash University, Clayton, Victoria, Australia

    Joseph K. Liu

  2. University of Milan, Milan, Italy

    Pierangela Samarati

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Jiang, H., Chang, R., Ren, L., Dong, W., Jiang, L., Yang, S. (2017). An Effective Authentication for Client Application Using ARM TrustZone. In: Liu, J., Samarati, P. (eds) Information Security Practice and Experience. ISPEC 2017. Lecture Notes in Computer Science(), vol 10701. Springer, Cham. https://doi.org/10.1007/978-3-319-72359-4_50

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-72359-4_50

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-72358-7

  • Online ISBN: 978-3-319-72359-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation