Collaborate Disseminate
I’m trying to make a device that will encrypt and store data. It should require a master password at startup, but then shouldn’t need anything else to decrypt the data throughout the lifetime of the program. It also should be secure, i.e. … Continue reading HSM for Secure Encrypted Data Storage
Recently I learned about TEE in Android, Trusty OS and its internals. I read through the articles on source.android.com and there is one thing I did not find there.
Trusty OS has its own API which allows TEE applications to expose ports an… Continue reading Security of Trusty OS (TEE) Non-Secure World API
There are different scenarios when it’s about secure computation/storage on mobile devices, e.g., "REE only", "REE + TEE", or "REE + SE" or "REE + TEE + SE".
REE – Real Execution Environment, i.e. de… Continue reading How to distribute Android mobile app functionality between OS, Trusted Execution Environment (TEE) and Secure Element (SE)?
From the perspective of security and privacy protection in Machine Learning (ML), I’m wondering why are there few applications combining AMD SEV and ML?
Speaking of SGX, there are multiple ML applications developed with SGX, e.g., addressi… Continue reading TEE applications: AMD SEV vs Intel SGX
What I found so far is that
Application requests TA service using qseecom kernel driver.
Monitor route that request and TA handles the request in Secure world and return the result.(generated private key).
The application get the result(s… Continue reading Access control for SMC call in TrustZone
I find that names and terms used in relation to Trusted (Trustworthy, Confidential,..) Computing are highly interchanged and thus creating confusion for laymen as am I.
Trusted Computing has been around since the 90’s and the idea is being… Continue reading Hardware roots of trust nowadays
Recent years had seen a rise in many open-sourced projects developing tools to support program execution in TEEs (SGX, OP-TEE in ARM, Microsoft Azure) across platforms (the CCC’s Enarx, SGX SDK,..) essentially enabling trusted app executio… Continue reading How can a hardware-based TEE supplement TPMs?
I would like to verify that users are running particular source code. Is there a way this could be achieved?
I want to verify that the original "algorithm" has been followed correctly if you will. What I need is for the user to s… Continue reading Is there a way to verify what code has been run? Maybe TEE?
What is the difference betwen a Trusted Computing Base (TCB) and a Root of Trust (RoT)? Can both terms be used interchangeably?
A TCB is defined by the NIST as follows:
Totality of protection mechanisms within a computer system, including… Continue reading What is the difference betwen a Trusted Computing Base and a Root of Trust?
Is confidential computing/hardware-based trusted execution environment (TEE) the missing security jigsaw puzzle to counter data exfiltration?
Today, we already have data encrypted at rest and data encrypted in transit (TLS) widely adopted…. Continue reading Would confidential computing/hardware-based TEE be the missing security jigsaw puzzle to counter data exfiltration?