Practical and Privacy-Preserving TEE Migration

Abstract: Abstract. Trusted Execution Environments (TEE) are becoming widely deployed in new smartphone generation. Running within the TEE, the Trusted Applications (TA) belong to diverse service providers. Each TA manipulates a profile, constituted of secret credentials and user's private data. Normally, a user should be able to transfer his TEE profiles from a TEE to another compliant TEE. However, TEE profile migration implies security and privacy issues in particular for TEE profiles that require explicit agreement … Show more

“…Such work incorporates GP TEE-specific entites, such as security domains (SDs) and root SDs, which do not exist on Intel SGX or earlier TPM-based TEEs like Intel TXT [11]. As such, users of this work should be aware of the implementation specifics when deploying these protocols; we refer users to [3] and [10] for guidance for GP TEEs, and [6] for Intel SGX. Formal Symbolic Verification.…”

“…Migration is crucial in preserving credentials during a device replacement or relocation, where credentials can be remotely transferred without incurring reinitialisation costs. Migrating credentials across TEEs has already attracted some attention in related literature [3,16]. We summarise these schemes and their contributions.…”

“…Arfaoui et al [3] present a privacy-preserving protocol for migrating credentials between GlobalPlatform TEEs. A PKI-based protocol is proposed for authorising the credential transfer between the TEE, TSM and the TEE's service providers, each of whom controls a set of TAs in a Security Domain (SD).…”

“…The credentials are migrated by re-entering the password, which is re-tokenised on the receiver device, and transmitted and verified by the backup server that releases the encrypted credentials. However, like [3], the proposal lacks trust assurances between the TSM and both TEEs, nor is it subjected to formal analysis.…”

“…Implicitly, the protocol avoids specifying TEE-specific functionalities; rather, for F2 (TEE agnosticism), we abstract the protocol appropriately to allow migrations between heterogeneous TEEs by allowing either a GP TEE application or Intel SGX enclave to act as either T A. For TEEspecific implementation guidance, the reader is referred to existing work such as the GlobalPlatform TMF specifications [10], and the work by Arfaoui et al [3] for managing and authorising SDs on the GP TEE. In Section 7, we specify the protocols and procedures formally, and detail an enhanced mutual attestation protocol for STCP for satisfying the remaining requirements from Section 2.1.…”

Remote Credential Management with Mutual Attestation for Trusted Execution Environments

“…Such work incorporates GP TEE-specific entites, such as security domains (SDs) and root SDs, which do not exist on Intel SGX or earlier TPM-based TEEs like Intel TXT [11]. As such, users of this work should be aware of the implementation specifics when deploying these protocols; we refer users to [3] and [10] for guidance for GP TEEs, and [6] for Intel SGX. Formal Symbolic Verification.…”

“…Migration is crucial in preserving credentials during a device replacement or relocation, where credentials can be remotely transferred without incurring reinitialisation costs. Migrating credentials across TEEs has already attracted some attention in related literature [3,16]. We summarise these schemes and their contributions.…”

“…Arfaoui et al [3] present a privacy-preserving protocol for migrating credentials between GlobalPlatform TEEs. A PKI-based protocol is proposed for authorising the credential transfer between the TEE, TSM and the TEE's service providers, each of whom controls a set of TAs in a Security Domain (SD).…”

“…The credentials are migrated by re-entering the password, which is re-tokenised on the receiver device, and transmitted and verified by the backup server that releases the encrypted credentials. However, like [3], the proposal lacks trust assurances between the TSM and both TEEs, nor is it subjected to formal analysis.…”

“…Implicitly, the protocol avoids specifying TEE-specific functionalities; rather, for F2 (TEE agnosticism), we abstract the protocol appropriately to allow migrations between heterogeneous TEEs by allowing either a GP TEE application or Intel SGX enclave to act as either T A. For TEEspecific implementation guidance, the reader is referred to existing work such as the GlobalPlatform TMF specifications [10], and the work by Arfaoui et al [3] for managing and authorising SDs on the GP TEE. In Section 7, we specify the protocols and procedures formally, and detail an enhanced mutual attestation protocol for STCP for satisfying the remaining requirements from Section 2.1.…”

Remote Credential Management with Mutual Attestation for Trusted Execution Environments

MA-TEECM: Mutual Anonymous Authentication-Based Credential Migration Technology for Mobile Trusted Execution Environments

A Secure Authentication Scheme for Wireless Sensor Networks Based on DAC and Intel SGX