Linux Foundation

Using OP-TEE as a Cryptography Engine

Linux Foundation via YouTube

Overview

Explore the use of OP-TEE as a cryptography engine in this comprehensive conference talk. Delve into the challenges of secure storage in the Internet of Things era and learn about SoC security features. Discover the fundamentals of OP-TEE, including new platform bring-up, RNG driver implementation, and hardware crypto accelerators. Examine the process of accessing OP-TEE from Linux, understanding Trusted Applications, and implementing minimal AES code. Gain insights into building a secure storage system, including storage application flow and slot operations. Investigate Linux userspace access libraries, kernel integration, and OpenSSL integration. Conclude with a summary of key takeaways for implementing OP-TEE as a robust cryptography solution.

Syllabus

Intro
The Internet of Things is Here
How Do We Store Things Securely?
SoC Security Features
What is OP-TEE?
Outline
OP-TEE New Platform Bring-up
Background
RNG Driver Plan
Crypto RNG API
Basic Driver Implementation
Configuration
HW Crypto Accelerators
crypto_hash_ops
Peek into alloc
What is drvcrypt?
drvcrypt flow
Initialization and Registration
HW Alloc Implementation
HW Context Struct
Accessing OP-TEE From Linux
Trusted Application
What is a TEE Operation?
What are TEE Objects?
Minimal TA Interface II
Minimal AES code
Minimal Example Caveats
Building a Secure Storage System
Storage Application Flow
Slot Ops
Opening a Slot
Remaining TA Pieces
Linux Userspace Access Library
Linux kernel Integration
struct cipher_alg
OpenSSL Integration
PKCS#11
Summary

Taught by

Linux Foundation
