[若渴] Preliminary Study on Design and Exploitation of Trustzone

Aj MaChInE
Aj MaChInE
“Preliminary” Study on Design and Exploitation of Trustzone @若渴 2018.3.24 <ajblane0612@gmail.com> AjMaChInE
Outline • Design category of using trustzone • TEE Exploitation
Isolation Process Isolation -> Kernel Isolation-> Function Isolation (symmetrically call – non-preemptive) [0]
ARM TrustZone Technology “It aims at enabling the creation of an execution environment, for protecting the confidentiality and integrity of critical code, allowing that code to be executed isolated from the main operating system (OS).” [0] EL3 EL1 EL0
Design Category of Using TrustZone • Security services • Virtualization • Development frameworks
Security Services • DroidVault [1] • TrustOTP [2] • TZ-RKP [3]
DroidVault - Allowing the Secure Management of Storage [1] R0,R1 R2,R3
TrustOTP - Information Leakage of OTP [2]
Why to Use Reliable Switch [2] • SMC instruction – When REE (Normal) Kernels are compromised • Secure Interrupt – Non-maskable GPIO-2 Secure Interrupt
Reliable Switch - Non-Maskable Interrupt (NMI) Mechanism [2] • Non-maskable GPIO-2 Secure Interrupt Central Security Unit (CSU)
TZ-RKP: Avoid Bypassing the Memory Protection using Double Mapping [3]
TZ-RKP: Control Instruction Emulation and Trapping Translation Table Updates
Trsut-RKP OS Virtaul Memory Layout [3]
Virtualization
vTZ: When TEE OS is Compromised [4]
(c) is an Excellent Design [4]
Development Frameworks [0] TrusrFrame [0]
GlobalPlatform API ARM Trustzone API GlobalPlatform API ARM Trustzone ARM Trustzone Intel SGX
E.G. OP-TEE
E.G. TrustFrame [0] (ioctl)
Exploitation • Semantic gap (BOOMERANG) [5] • Revoke vulnerable trustlets [6]
Semantic Gap • [利用特性] – the secure world always maintains complete control over and visibility into the non-secure world (similar to a hypervisor and its guests) – Visibility: the secure world and its associated TAs have the ability to read and write to non-secure world memory • BOOMERANG (自食其果~”~) exploits the semantic gap inherent to the design of all the current TEE implementations.
BOOMERANG – PTR as DATA cannot be Checked [5]
Revocation • QSEE revocation – The Attestation certificate preventing “rolling back” to older versions of the software image – 但 all trustlets share the same image identifier • Kinibi revocation – Reverse-engineer the bootloader binary including TEE kernel – 沒有DOC ->找到TEE kernel->又找到parsing signature->解出the structure of the signature – 但直接送有問題的tasklet就可@@a [6]
Reference • [0] 2016, Joao Rocheteau Ramos, TrustFrame, a Software Development Framework for TrustZone-enabled Hardware • [1] 2014, Xiaolei Li, DroidVault- A Trusted Data Vault for Android • [2] 2015, He Sun, etc., TrustOTP- Transforming Smartphones into Secure One-Time Password Tokens • [3] 2014, Ahmed M Azab, etc. Hypervision Across Worlds : Real- time Kernel Protection from the ARM TrustZone Secure World • [4] 2017, Zhichao Hua, etc. vTZ- Virtualizing ARM TrustZone • [5] 2017, Nick Stephens, etc. Boomerang- Exploiting the Semantic Gap in Trusted Execution Environments • [6] 2017, Gal Beniamini, Trust Issues-Exploiting TrustZone TEEs
1 of 25

[若渴] Preliminary Study on Design and Exploitation of Trustzone

Download to read offline
Education

"Preliminary" 就是沒讀很多的意思,持續閱讀中,做個初步整理。

Aj MaChInE
Aj MaChInE

Recommended

Platform Security PresentationPlatform Security Presentation
Platform Security PresentationTyson Key
292 views3 slides
How Many Linux Security Layers Are Enough?How Many Linux Security Layers Are Enough?
How Many Linux Security Layers Are Enough?Michael Boelen
6.7K views51 slides
Kernel Recipes 2013 - Linux Security Modules: different formal conceptsKernel Recipes 2013 - Linux Security Modules: different formal concepts
Kernel Recipes 2013 - Linux Security Modules: different formal conceptsAnne Nicolas
2.9K views51 slides
Kevin wharramKevin wharram
Kevin wharramKevin Wharram
552 views39 slides
HCLOS.Reduce to 600 dpi average qualityHCLOS.Reduce to 600 dpi average quality
HCLOS.Reduce to 600 dpi average qualityVinayak Wadhwa
198 views54 slides
I3 product &amp; solutions details 2016I3 product &amp; solutions details 2016
I3 product &amp; solutions details 2016Denny NS
138 views11 slides

More Related Content

Similar to [若渴] Preliminary Study on Design and Exploitation of Trustzone

Secure nets-and-dataSecure nets-and-data
Secure nets-and-dataKevin Mayo
497 views60 slides

Similar to [若渴] Preliminary Study on Design and Exploitation of Trustzone(20)

6 andrii grygoriev - security issues in arm trust zone software6 andrii grygoriev - security issues in arm trust zone software
6 andrii grygoriev - security issues in arm trust zone software
Ievgenii Katsan811 views
Enterprise Node - Securing Your EnvironmentEnterprise Node - Securing Your Environment
Enterprise Node - Securing Your Environment
Kurtis Kemple258 views
LCA14: LCA14-502: The way to a generic TrustZone® solutionLCA14: LCA14-502: The way to a generic TrustZone® solution
LCA14: LCA14-502: The way to a generic TrustZone® solution
Linaro6.4K views
Oracle super cluster m7Oracle super cluster m7
Oracle super cluster m7
OTN Systems Hub1.9K views
Review of Hardware based solutions for trusted cloud computing.pptxReview of Hardware based solutions for trusted cloud computing.pptx
Review of Hardware based solutions for trusted cloud computing.pptx
ssusere142fe71 views
Secure nets-and-dataSecure nets-and-data
Secure nets-and-data
Kevin Mayo497 views
Lucw lsec-securit-20110907-4-final-5Lucw lsec-securit-20110907-4-final-5
Lucw lsec-securit-20110907-4-final-5
Luc Wijns976 views
Cont0519Cont0519
Cont0519
Samuel Dratwa310 views
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...
DataStax | Best Practices for Securing DataStax Enterprise (Matt Kennedy) | C...
DataStax1K views
HAcktive Directory - Microsoft Meetup July 2020HAcktive Directory - Microsoft Meetup July 2020
HAcktive Directory - Microsoft Meetup July 2020
Yossi Sassi337 views
Nelson: Rigorous Deployment for a Functional WorldNelson: Rigorous Deployment for a Functional World
Nelson: Rigorous Deployment for a Functional World
Timothy Perrett1.5K views
DATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLEDATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLE
DATABASE PRIVATE SECURITY JURISPRUDENCE: A CASE STUDY USING ORACLE
ijdms58 views
Hardware-assisted Isolated Execution Environment to run trusted OS and applic...Hardware-assisted Isolated Execution Environment to run trusted OS and applic...
Hardware-assisted Isolated Execution Environment to run trusted OS and applic...
Kuniyasu Suzaki1.5K views
Clonetab flyerClonetab flyer
Clonetab flyer
Venkata Meka179 views
EuskalHack 2017 - Secure initialization of TEEs: when secure boot falls shortEuskalHack 2017 - Secure initialization of TEEs: when secure boot falls short
EuskalHack 2017 - Secure initialization of TEEs: when secure boot falls short
Cristofaro Mune1.4K views
Secure initialization of Trusted Execution Environments: When Secure Boot fal...Secure initialization of Trusted Execution Environments: When Secure Boot fal...
Secure initialization of Trusted Execution Environments: When Secure Boot fal...
Riscure1.5K views
Serverless security - how to protect what you don't see?Serverless security - how to protect what you don't see?
Serverless security - how to protect what you don't see?
Sqreen248 views
Secure Multi-tenancy on Private Cloud Environment (Oracle SuperCluster)Secure Multi-tenancy on Private Cloud Environment (Oracle SuperCluster)
Secure Multi-tenancy on Private Cloud Environment (Oracle SuperCluster)
Ramesh Nagappan194 views
GDL OpenStack Community - Openstack IntroductionGDL OpenStack Community - Openstack Introduction
GDL OpenStack Community - Openstack Introduction
Victor Morales2.8K views
Cisco Router and Switch Security Hardening GuideCisco Router and Switch Security Hardening Guide
Cisco Router and Switch Security Hardening Guide
Harris Andrea2.8K views

More from Aj MaChInE

A study on NetSpectreA study on NetSpectre
A study on NetSpectreAj MaChInE
211 views27 slides

More from Aj MaChInE(19)

An Intro on Data-oriented AttacksAn Intro on Data-oriented Attacks
An Intro on Data-oriented Attacks
Aj MaChInE301 views
A Study on .NET Framework for Red Team - Part IA Study on .NET Framework for Red Team - Part I
A Study on .NET Framework for Red Team - Part I
Aj MaChInE493 views
A study on NetSpectreA study on NetSpectre
A study on NetSpectre
Aj MaChInE211 views
Introduction to Adversary Evaluation ToolsIntroduction to Adversary Evaluation Tools
Introduction to Adversary Evaluation Tools
Aj MaChInE1.2K views
[若渴] A preliminary study on attacks against consensus in bitcoin[若渴] A preliminary study on attacks against consensus in bitcoin
[若渴] A preliminary study on attacks against consensus in bitcoin
Aj MaChInE345 views
[RAT資安小聚] Study on Automatically Evading Malware Detection[RAT資安小聚] Study on Automatically Evading Malware Detection
[RAT資安小聚] Study on Automatically Evading Malware Detection
Aj MaChInE795 views
[若渴]Study on Side Channel Attacks and Countermeasures [若渴]Study on Side Channel Attacks and Countermeasures
[若渴]Study on Side Channel Attacks and Countermeasures
Aj MaChInE858 views
[若渴計畫] Challenges and Solutions of Window Remote Shellcode[若渴計畫] Challenges and Solutions of Window Remote Shellcode
[若渴計畫] Challenges and Solutions of Window Remote Shellcode
Aj MaChInE981 views
[若渴計畫] Introduction: Formal Verification for Code[若渴計畫] Introduction: Formal Verification for Code
[若渴計畫] Introduction: Formal Verification for Code
Aj MaChInE718 views
[若渴計畫] Studying ASLR^cache[若渴計畫] Studying ASLR^cache
[若渴計畫] Studying ASLR^cache
Aj MaChInE430 views
[若渴計畫] Black Hat 2017之過去閱讀相關整理[若渴計畫] Black Hat 2017之過去閱讀相關整理
[若渴計畫] Black Hat 2017之過去閱讀相關整理
Aj MaChInE434 views
[若渴計畫] Studying Concurrency[若渴計畫] Studying Concurrency
[若渴計畫] Studying Concurrency
Aj MaChInE4K views
閱讀文章分享@若渴 2016.1.24閱讀文章分享@若渴 2016.1.24
閱讀文章分享@若渴 2016.1.24
Aj MaChInE1.3K views
[若渴計畫2015.8.18] SMACK[若渴計畫2015.8.18] SMACK
[若渴計畫2015.8.18] SMACK
Aj MaChInE1.2K views
[SITCON2015] 自己的異質多核心平台自己幹[SITCON2015] 自己的異質多核心平台自己幹
[SITCON2015] 自己的異質多核心平台自己幹
Aj MaChInE2.6K views
[MOSUT20150131] Linux Runs on SoCKit Board with the GPGPU[MOSUT20150131] Linux Runs on SoCKit Board with the GPGPU
[MOSUT20150131] Linux Runs on SoCKit Board with the GPGPU
Aj MaChInE1.3K views
[若渴計畫]由GPU硬體概念到coding CUDA[若渴計畫]由GPU硬體概念到coding CUDA
[若渴計畫]由GPU硬體概念到coding CUDA
Aj MaChInE4.8K views
[若渴計畫]64-bit Linux Return-Oriented Programming[若渴計畫]64-bit Linux Return-Oriented Programming
[若渴計畫]64-bit Linux Return-Oriented Programming
Aj MaChInE2.2K views
[MOSUT] Format String Attacks[MOSUT] Format String Attacks
[MOSUT] Format String Attacks
Aj MaChInE2.6K views

Recently uploaded

Industry4wrd.pptxIndustry4wrd.pptx
Industry4wrd.pptxBC Chew
153 views17 slides
Psychology KS5Psychology KS5
Psychology KS5WestHatch
53 views5 slides

Recently uploaded(20)

Industry4wrd.pptxIndustry4wrd.pptx
Industry4wrd.pptx
BC Chew153 views
GSoC 2024GSoC 2024
GSoC 2024
DeveloperStudentClub1049 views
Nico Baumbach IMR Media ComponentNico Baumbach IMR Media Component
Nico Baumbach IMR Media Component
InMediaRes1186 views
Education and Diversity.pptxEducation and Diversity.pptx
Education and Diversity.pptx
DrHafizKosar56 views
Psychology KS5Psychology KS5
Psychology KS5
WestHatch53 views
ICS3211_lecture 08_2023.pdfICS3211_lecture 08_2023.pdf
ICS3211_lecture 08_2023.pdf
Vanessa Camilleri68 views
Compare the flora and fauna of Kerala and Chhattisgarh ( Charttabulation) Compare the flora and fauna of Kerala and Chhattisgarh ( Charttabulation)
Compare the flora and fauna of Kerala and Chhattisgarh ( Charttabulation)
AnshulDewangan395 views
UWP OA Week Presentation (1).pptxUWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptx
Jisc51 views
American Psychological Association 7th Edition.pptxAmerican Psychological Association 7th Edition.pptx
American Psychological Association 7th Edition.pptx
SamiullahAfridi458 views
Sociology KS5Sociology KS5
Sociology KS5
WestHatch50 views
231112 (WR) v1 ChatGPT OEB 2023.pdf231112 (WR) v1 ChatGPT OEB 2023.pdf
231112 (WR) v1 ChatGPT OEB 2023.pdf
WilfredRubens.com100 views
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptx
Jisc49 views
The Open Access Community Framework (OACF) 2023 (1).pptxThe Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptx
Jisc51 views
AI Tools for Business and StartupsAI Tools for Business and Startups
AI Tools for Business and Startups
Svetlin Nakov57 views
Streaming Quiz 2023.pdfStreaming Quiz 2023.pdf
Streaming Quiz 2023.pdf
Quiz Club NITW87 views
Chemistry of sex hormones.pptxChemistry of sex hormones.pptx
Chemistry of sex hormones.pptx
RAJ K. MAURYA97 views
Scope of Biochemistry.pptxScope of Biochemistry.pptx
Scope of Biochemistry.pptx
shoba shoba110 views
Universe revised.pdfUniverse revised.pdf
Universe revised.pdf
DrHafizKosar84 views
Dance KS5 BreakdownDance KS5 Breakdown
Dance KS5 Breakdown
WestHatch52 views
Ch. 7 Political Participation and Elections.pptxCh. 7 Political Participation and Elections.pptx
Ch. 7 Political Participation and Elections.pptx
Rommel Regala55 views

[若渴] Preliminary Study on Design and Exploitation of Trustzone

  • 1. “Preliminary” Study on Design and Exploitation of Trustzone @若渴 2018.3.24 <ajblane0612@gmail.com> AjMaChInE
  • 2. Outline • Design category of using trustzone • TEE Exploitation
  • 3. Isolation Process Isolation -> Kernel Isolation-> Function Isolation (symmetrically call – non-preemptive) [0]
  • 4. ARM TrustZone Technology “It aims at enabling the creation of an execution environment, for protecting the confidentiality and integrity of critical code, allowing that code to be executed isolated from the main operating system (OS).” [0] EL3 EL1 EL0
  • 5. Design Category of Using TrustZone • Security services • Virtualization • Development frameworks
  • 6. Security Services • DroidVault [1] • TrustOTP [2] • TZ-RKP [3]
  • 7. DroidVault - Allowing the Secure Management of Storage [1] R0,R1 R2,R3
  • 8. TrustOTP - Information Leakage of OTP [2]
  • 9. Why to Use Reliable Switch [2] • SMC instruction – When REE (Normal) Kernels are compromised • Secure Interrupt – Non-maskable GPIO-2 Secure Interrupt
  • 10. Reliable Switch - Non-Maskable Interrupt (NMI) Mechanism [2] • Non-maskable GPIO-2 Secure Interrupt Central Security Unit (CSU)
  • 11. TZ-RKP: Avoid Bypassing the Memory Protection using Double Mapping [3]
  • 12. TZ-RKP: Control Instruction Emulation and Trapping Translation Table Updates
  • 13. Trsut-RKP OS Virtaul Memory Layout [3]
  • 15. vTZ: When TEE OS is Compromised [4]
  • 16. (c) is an Excellent Design [4]
  • 18. GlobalPlatform API ARM Trustzone API GlobalPlatform API ARM Trustzone ARM Trustzone Intel SGX
  • 21. Exploitation • Semantic gap (BOOMERANG) [5] • Revoke vulnerable trustlets [6]
  • 22. Semantic Gap • [利用特性] – the secure world always maintains complete control over and visibility into the non-secure world (similar to a hypervisor and its guests) – Visibility: the secure world and its associated TAs have the ability to read and write to non-secure world memory • BOOMERANG (自食其果~”~) exploits the semantic gap inherent to the design of all the current TEE implementations.
  • 23. BOOMERANG – PTR as DATA cannot be Checked [5]
  • 24. Revocation • QSEE revocation – The Attestation certificate preventing “rolling back” to older versions of the software image – 但 all trustlets share the same image identifier • Kinibi revocation – Reverse-engineer the bootloader binary including TEE kernel – 沒有DOC ->找到TEE kernel->又找到parsing signature->解出the structure of the signature – 但直接送有問題的tasklet就可@@a [6]
  • 25. Reference • [0] 2016, Joao Rocheteau Ramos, TrustFrame, a Software Development Framework for TrustZone-enabled Hardware • [1] 2014, Xiaolei Li, DroidVault- A Trusted Data Vault for Android • [2] 2015, He Sun, etc., TrustOTP- Transforming Smartphones into Secure One-Time Password Tokens • [3] 2014, Ahmed M Azab, etc. Hypervision Across Worlds : Real- time Kernel Protection from the ARM TrustZone Secure World • [4] 2017, Zhichao Hua, etc. vTZ- Virtualizing ARM TrustZone • [5] 2017, Nick Stephens, etc. Boomerang- Exploiting the Semantic Gap in Trusted Execution Environments • [6] 2017, Gal Beniamini, Trust Issues-Exploiting TrustZone TEEs