Implementing a ARM-Based Secure Boot Scheme for the Isolated Execution Environment

Jiang, Hang; Chang, Rui; Ren, Lu; Dong, Wei

doi:10.1109/cis.2017.00079

Cited by 8 publications

(6 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It is the element which is considered as de facto secure. In the case of secure boot this element can be a piece of software like a first stage bootloader [109], [110] or a hardware module like a TPM [46], [50], [111], [112], a smartcard [112], [113] or another hardware module [114], [115]. The next layer is measured by the current one then this measurement is verified.…”

Section: A Backgroundmentioning

confidence: 99%

“…This technology is used to store critical information about the protection configuration. For example Jiang et al [115] use a fuse to store cryptographic material, namely the golden values of the system. We can also talk about Samsung Knox [130] which uses a fuse to permanently store warranty expiration information if one of the bootstrap layers is not digitally signed by Samsung.…”

Section: ) Special Hardware Requiredmentioning

confidence: 99%

“…This method is the simplest to implement but requires to store a golden value per layer measured in a read-only memory. In order to reduce the amount of read-only memory required, it is possible to use a MAC instead of a hash function [115], [118], [131]. Thus the only data to be stored securely is the secret key which is the same for every layer.…”

Section: ) Measurement Algorithmmentioning

confidence: 99%

See 2 more Smart Citations

Firmware Integrity Protection: A Survey

Marchand,

Imine,

Ouarnoughi

et al. 2023

IEEE Access

View full text Add to dashboard Cite

Over the last years, firmware integrity protection has significantly been addressed in various contexts such as internet of things, vehicles, wireless sensor networks and other systems. However, due to variety of studied systems, the proposed approaches often make divergent and sometimes even conflicting security assumptions. In this regard, we propose in this article a complete survey of the most relevant approaches addressing the firmware integrity protection regardless the considered system or field of application. We first organize the approaches in three main categories, depending on the protection type: 1. secure update, 2. attestation, and 3. secure boot. We then propose two new taxonomies, the first one concerns secure update mechanisms and the second one considers secure boot. Moreover, we extend the scope of an existing taxonomy for attestation mechanisms by studying new approaches and discussing limitations. Finally, we identify open research challenges and then give suggestions and guidelines on how to address them.

show abstract

Section: A Backgroundmentioning

confidence: 99%

Section: ) Special Hardware Requiredmentioning

confidence: 99%

Section: ) Measurement Algorithmmentioning

confidence: 99%

See 1 more Smart Citation

Firmware Integrity Protection: A Survey

Marchand,

Imine,

Ouarnoughi

et al. 2023

IEEE Access

View full text Add to dashboard Cite

show abstract

“…However, it is not suitable for small embedded or IoT devices due to space, size, and cost constraints. Some researchers have used the Trusted Execution Environment (TEE) [14], Keystone [15], or proprietary implementation of Arm TrustZone [16] for runtime attestation. TrustZone uses two virtual processors called the secure and normal world to enforce the hardware-based isolation.…”

Section: Introductionmentioning

confidence: 99%

“…Other RISC-V based secure boot and attestation architecture Shakti-T [31] uses base and bounds concept to secure the pointer's access to the valid memory regions. The existing secure boot and RA architectures are complex [12], require more resources [21], [14], [16], or have been compromised by attacks such as [32] and [33].…”

Section: Introductionmentioning

confidence: 99%

SRACARE: Secure Remote Attestation with Code Authentication and Resilience Engine

Dave

Banerjee

Patel

2020

2020 IEEE International Conference on Embedded Software and Systems (ICESS)

View full text Add to dashboard Cite

Recent technological advancements have enabled proliferated use of small embedded and IoT devices for collecting, processing, and transferring the security-critical information and user data. This exponential use has acted as a catalyst in the recent growth of sophisticated attacks such as the replay, man-in-the-middle, and malicious code modification to slink, leak, tweak or exploit the security-critical information in malevolent activities. Therefore, secure communication and software state assurance (at run-time and boot-time) of the device has emerged as open security problems. Furthermore, these devices need to have an appropriate recovery mechanism to bring them back to the known-good operational state. Previous researchers have demonstrated independent methods for attack detection and safeguard. However, the majority of them lack in providing onboard system recovery and secure communication techniques. To bridge this gap, this manuscript proposes SRACARE -a framework that utilizes the custom lightweight, secure communication protocol that performs remote/local attestation, and secure boot with an onboard resilience recovery mechanism to protect the devices from the above-mentioned attacks. The prototype employs an efficient lightweight, low-power 32-bit RISC-V processor, secure communication protocol, code authentication, and resilience engine running on the Artix 7 Field Programmable Gate Array (FPGA) board. This work presents the performance evaluation and state-of-the-art comparison results, which shows promising resilience to attacks and demonstrate the novel protection mechanism with onboard recovery. The framework achieves these with only 8% performance overhead and a very small increase in hardware-software footprint.

show abstract