ABSTRACT
Hardware security architectures and primitives are becoming increasingly important in practice, providing trust anchors and trusted execution environments to protect modern IT systems and, in particular, to secure insecure legacy software. Emerging applications, for instance in the IoT area, increasingly involve large numbers of connected and heterogeneous device swarms and pose crucial security and privacy challenges for the underlying devices. Over the past two decades we have seen various hardware security solutions and trends in practice, from Trusted Platform Modules (TPMs), ARM's TrustZone and Physically Unclonable Functions (PUFs) to very recent advances such as Intel's Software Guard Extensions (SGX) and Control-flow Enforcement Technology (CET). However, despite their advantages, these solutions are rarely used by third-party developers, make strong trust assumptions about manufacturers, are too expensive for small constrained devices, do not easily scale, or suffer from information leakage. In this talk we will discuss the real-world impact of hardware-based security solutions, their strengths and shortcomings, as well as new research directions.
Title: Hardware-Assisted Security: Promises, Pitfalls and Opportunities