Learn about CaSE (Cache-Assisted Secure Execution), a framework designed to protect sensitive code and data on ARM processors against both software attacks and hardware memory disclosure attacks like cold boot attacks. Explore how this 23-minute IEEE conference talk combines ARM TrustZone and Cache-as-RAM techniques to create an isolated execution environment that encrypts applications in memory and decrypts them only within the processor. Discover the implementation details on an ARM Cortex-A8 processor, including the use of cache locking, self-modifying programs, and performance impacts on cryptographic algorithms like AES, RSA, and SHA1.
CaSE- Cache-Assisted Secure Execution on ARM Processors
Overview
Syllabus
Intro
Talk Outline Motivation and Background - Why this work? Threat Model - What are we defending against ? Case: Cache Assisted Secure Execution - How does it work?
ARM TrustZone - Trusted Execution Environment (TEE) System Wide Protection
Hardware Attacks - Cold Boot Attack
Previous Works on Coldboot Defense
Controlling the Cache Cache Locking is available through L2 cache lockdown CP15 coprocessor
SOC-Bound Execution - Cache Locking
Self Modifying Program
Feasibility of using Cache as Memory
Performance Impact to the Application
Performance Impact to the System
Conclusion A secure cache-assisted Soc-bound execution framework Provide confidentiality and integrity to sensitive code and data of applications
Taught by
IEEE Symposium on Security and Privacy
