Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Unearthing the TrustedCore - A Critical Review on Huawei’s Trusted Execution Environment

USENIX via YouTube

Overview

Explore a critical review of Huawei's Trusted Execution Environment (TEE) implementation, TrustedCore, in this award-winning conference talk. Delve into the reverse-engineering process of TC's components, their interconnections, and integration with the Android system. Uncover multiple severe design and implementation flaws affecting popular Huawei devices. Examine the Trusted Application (TA) loader, revealing vulnerabilities that compromise code confidentiality. Investigate the design of Huawei's keystore system and its impact on hardware-backed cryptography and full-disk encryption. Learn about an exploitable memory corruption within the keymaster TA, enabling arbitrary code execution within ARM TrustZone. Discover how researchers bypassed mitigation techniques like stack canaries and Address Space Layout Randomization (ASLR). Gain insights into the responsible disclosure process and the implications of these findings for mobile device security.

Syllabus

Intro
Motivation
Outline
Trusted Execution Environments (TEES)
ARM Trustzone on ARMVB-A Systems
TEEs in the Field (on Android)
Overview
TrustedCore - Normal World
TrustedCore-Secure World
Loading Encrypted Trusted Applications (cont.)
Protection of Crypto Keys
Scope & Consequences
Export-Protected Crypto Keys
The Key Encryption Key (KEK)
Memory Corruption in keymaster TA
Exploit Mitigations
Lessons Learned - Hardware-Protected Crypto Keys
Lessons Learned - Attack Surface

Taught by

USENIX

Reviews

Start your review of Unearthing the TrustedCore - A Critical Review on Huawei’s Trusted Execution Environment

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.