Data Covert Channels between the Secure World and the Normal World in the ARM TrustZone Architecture
Summary :
The ARM TrustZone architecture, which provides hardware-assisted isolation, is widely adopted in mobile and IoT devices. The security of ARM TrustZone relies on the idea of splitting system-on-chip hardware and software into two worlds, namely normal world and secure world. There are legitimate channels at the hardware level that the normal world and the secure world can use to communicate with each other. To protect these channels from being abused, research efforts were invested on restricting the access to these channels from normal world components. Therefore, only predefined and legitimate normal world components can use cross-world communication channels. In this work, we present a study on data covert channels that can bypass such protection mechanisms and smuggle sensitive information. We first analyze causes of the noise in the covert channel between two worlds. Then, we evaluate the accuracy and bandwidth of covert channels built by our PRIME+COUNT method with one built by PRIME+PROBE method. Our results demonstrate that PRIME+COUNT is an effective technique for enabling cross-world covert channels in the ARM TrustZone.
- Publication
- IEICE TRANSACTIONS on Information Vol.E105-D No.11 pp.1925-1927
- Publication Date
- 2022/11/01
- Publicized
- 2022/07/28
- Online ISSN
- 1745-1361
- DOI
- 10.1587/transinf.2022NGL0002
- Type of Manuscript
- Special Section LETTER (Special Section on Next-generation Security Applications and Practice)
- Category
Authors
Haehyun CHO
Soongsil University
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Haehyun CHO, "Data Covert Channels between the Secure World and the Normal World in the ARM TrustZone Architecture" in IEICE TRANSACTIONS on Information,
vol. E105-D, no. 11, pp. 1925-1927, November 2022, doi: 10.1587/transinf.2022NGL0002.
Abstract: The ARM TrustZone architecture, which provides hardware-assisted isolation, is widely adopted in mobile and IoT devices. The security of ARM TrustZone relies on the idea of splitting system-on-chip hardware and software into two worlds, namely normal world and secure world. There are legitimate channels at the hardware level that the normal world and the secure world can use to communicate with each other. To protect these channels from being abused, research efforts were invested on restricting the access to these channels from normal world components. Therefore, only predefined and legitimate normal world components can use cross-world communication channels. In this work, we present a study on data covert channels that can bypass such protection mechanisms and smuggle sensitive information. We first analyze causes of the noise in the covert channel between two worlds. Then, we evaluate the accuracy and bandwidth of covert channels built by our PRIME+COUNT method with one built by PRIME+PROBE method. Our results demonstrate that PRIME+COUNT is an effective technique for enabling cross-world covert channels in the ARM TrustZone.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2022NGL0002/_p
Copy
@ARTICLE{e105-d_11_1925,
author={Haehyun CHO, },
journal={IEICE TRANSACTIONS on Information},
title={Data Covert Channels between the Secure World and the Normal World in the ARM TrustZone Architecture},
year={2022},
volume={E105-D},
number={11},
pages={1925-1927},
abstract={The ARM TrustZone architecture, which provides hardware-assisted isolation, is widely adopted in mobile and IoT devices. The security of ARM TrustZone relies on the idea of splitting system-on-chip hardware and software into two worlds, namely normal world and secure world. There are legitimate channels at the hardware level that the normal world and the secure world can use to communicate with each other. To protect these channels from being abused, research efforts were invested on restricting the access to these channels from normal world components. Therefore, only predefined and legitimate normal world components can use cross-world communication channels. In this work, we present a study on data covert channels that can bypass such protection mechanisms and smuggle sensitive information. We first analyze causes of the noise in the covert channel between two worlds. Then, we evaluate the accuracy and bandwidth of covert channels built by our PRIME+COUNT method with one built by PRIME+PROBE method. Our results demonstrate that PRIME+COUNT is an effective technique for enabling cross-world covert channels in the ARM TrustZone.},
keywords={},
doi={10.1587/transinf.2022NGL0002},
ISSN={1745-1361},
month={November},}
Copy
TY - JOUR
TI - Data Covert Channels between the Secure World and the Normal World in the ARM TrustZone Architecture
T2 - IEICE TRANSACTIONS on Information
SP - 1925
EP - 1927
AU - Haehyun CHO
PY - 2022
DO - 10.1587/transinf.2022NGL0002
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E105-D
IS - 11
JA - IEICE TRANSACTIONS on Information
Y1 - November 2022
AB - The ARM TrustZone architecture, which provides hardware-assisted isolation, is widely adopted in mobile and IoT devices. The security of ARM TrustZone relies on the idea of splitting system-on-chip hardware and software into two worlds, namely normal world and secure world. There are legitimate channels at the hardware level that the normal world and the secure world can use to communicate with each other. To protect these channels from being abused, research efforts were invested on restricting the access to these channels from normal world components. Therefore, only predefined and legitimate normal world components can use cross-world communication channels. In this work, we present a study on data covert channels that can bypass such protection mechanisms and smuggle sensitive information. We first analyze causes of the noise in the covert channel between two worlds. Then, we evaluate the accuracy and bandwidth of covert channels built by our PRIME+COUNT method with one built by PRIME+PROBE method. Our results demonstrate that PRIME+COUNT is an effective technique for enabling cross-world covert channels in the ARM TrustZone.
ER -
English
