OP-TEE: Using TrustZone to Protect Our Own Secrets

Explore the potential of ARM TrustZone technology for securing sensitive data in this informative conference talk. Delve into how TrustZone can protect VPN keys, run software TPMs, and manage feature licenses, even in the face of a compromised kernel. Learn about the recent integration of OP-TEE infrastructure in Linux 4.12, which provides a standardized interface and open-source implementation for Trusted Execution Environments (TEEs). Discover how this technology shift allows for running small applications separately from the main Linux environment, prioritizing user data protection. Gain insights into the underlying technology, its practical applications, and the remaining challenges for full functionality. Benefit from the expertise of Marc Kleine-Budde, a Linux kernel maintainer and computer engineering specialist from Pengutronix e.K., as he shares his knowledge on this cutting-edge security feature.