Mobile Device Security: Exploring Trusted Execution Environment Technologies

Hello again. Today I’m so happy to announce that I have finished a master’s degree in cybersecurity at the Universitat Politècnica de València (UPV) with top honors!!! My final master’s project consists of a deep insight into Trusted Execution Environment (TEE) technology. In the paper that you can find here, I explore the technology, reviewing some relevant implementations from the main vendors, like Google, Apple or Qualcomm. At the end I explain how I wrote TEEBank, a banking application that uses a TEE to substantially increase its security. This Trusted Application (TA) serves as a proof of concept of the potential benefits of using a TEE in a mobile environment. In this post I would like to describe what a TEE is, some relevant applications it has and which TEE I chose to develop TEEBank.

Trusted Execution Environment (TEE)

A TEE is an execution environment where sensitive data is stored, processed and protected in isolation from the Normal World (NWd), where the main OS runs. The TEE runs alongside the main OS, in what is known as the Secure World (SWd), and provides higher levels of security by isolating cryptographic operations and other sensitive computations from the main OS. That isolation allows the data to be protected against a range of threats, including software attacks on the NWd. The TEE offers its services via a secure monitor, which manages the context switch between the NWd and the SWd. That monitor also routes the requested service to the appropriate Trusted Application (TA), which performs the sensitive operation.

In mobile environments, TEEs offer several significant benefits for security, including:

  1. Isolated Execution: TEEs provide a secure, isolated environment on the device where critical applications and processes can run. This isolation protects sensitive data from unauthorized access, ensuring that even if the NWd is compromised, the TEE remains secure.
  2. System Integrity: By ensuring system integrity and application authenticity, TEEs prevent the tampering or substitution of applications by malicious third parties. This is crucial for maintaining the integrity of sensitive applications such as banking apps, where unauthorized modifications could have severe consequences.
  3. Secure Storage and Processing: TEEs ensure that sensitive data is securely stored and processed, safeguarding it against both physical and software attacks. This protection extends to cryptographic keys and other critical assets.
  4. Trusted User Interface: TEEs can provide a secure user interface for critical operations, ensuring that sensitive information entered by users (such as PINs or passwords) is not exposed to the NWd.

Applications of TEE

TEEs are used in various applications where security is paramount. Some notable applications include:

  • Mobile Payments: TEEs protect payment credentials and ensure the integrity of transactions, providing a secure environment for mobile payments and digital wallets.
  • Digital Rights Management (DRM): TEEs protect content and enforce DRM policies, ensuring that protected content is not accessed or distributed without authorization.
  • Secure Authentication: TEEs enable secure authentication mechanisms, such as biometric authentication, by protecting the biometric data and the authentication process from tampering and unauthorized access.

OP-TEE: An Open-Source TEE

OP-TEE is an open-source TEE designed primarily to depend on Arm’s TrustZone technology for hardware isolation. It is structured to be compatible with any isolation technology appropriate for the TEE concept, including execution as a virtual machine or on a dedicated CPU. OP-TEE implements the TEE Internal Core API and TEE Client API defined by GlobalPlatform, which standardize the interaction between the TEE and the applications running in the normal world. For the development of TEEBank I considered OP-TEE the best option due to its active community and the extensive online resources available.

OP-TEE distinguishes between two types of Trusted Applications (TAs):

  1. Pseudo Trusted Applications: These applications act as interfaces provided by the OP-TEE core for interaction with normal world applications. They are integrated into the OP-TEE kernel blob and run at the same privilege level as the kernel code.
  2. User Mode Trusted Applications: Developed by users, these applications are dynamically loaded by the OP-TEE kernel when required by a normal world application. They run at a lower CPU privilege level than the OP-TEE kernel code.

In my particular case, I developed a User Mode TA. That TA was responsible for managing the critical data, such as the login information, and also for the secure storage of a session key used by the biometric login option.
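To make the NWd/SWd split described above concrete, here is a stand-alone C model of the path a TEEBank-style request takes: a normal-world client fills in typed parameters, the monitor routes the command to the TA, and the TA validates every type and size it received before touching a buffer, checks the PIN in constant time, and answers a challenge with a keyed tag so that the session key itself never crosses back into the NWd. This is an added example written for this post; it is not TEEBank's code nor OP-TEE's. The names `ta_invoke`, `monitor_dispatch`, `nwd_login_and_sign`, the `param` struct and the `RES_*`/`CMD_*`/`PT_*` constants are assumptions that only mirror the GlobalPlatform client/internal API split in spirit (no OP-TEE headers are used, and the monitor is a plain function call where the real system performs an SMC). The keyed primitive is the real SipHash-2-4 algorithm, checked against its published test vector; the PIN, key and challenge values are constructed.

```c
/* Added example: model of NWd -> secure monitor -> TA dispatch. Not OP-TEE code;
 * all API names and constants below are assumptions made for this post. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* ---- SipHash-2-4 (Aumasson/Bernstein): 128-bit key, 64-bit tag ---- */
#define ROTL(x, b) (uint64_t)(((x) << (b)) | ((x) >> (64 - (b))))
#define SIPROUND do { \
    v0 += v1; v1 = ROTL(v1, 13); v1 ^= v0; v0 = ROTL(v0, 32); \
    v2 += v3; v3 = ROTL(v3, 16); v3 ^= v2;                      \
    v0 += v3; v3 = ROTL(v3, 21); v3 ^= v0;                      \
    v2 += v1; v1 = ROTL(v1, 17); v1 ^= v2; v2 = ROTL(v2, 32); } while (0)

static uint64_t u8to64_le(const uint8_t *p) {           /* little-endian load */
    uint64_t v = 0;
    for (int i = 7; i >= 0; i--) v = (v << 8) | p[i];
    return v;
}

uint64_t siphash24(const uint8_t *in, size_t inlen, const uint8_t k[16]) {
    uint64_t v0 = 0x736f6d6570736575ULL, v1 = 0x646f72616e646f6dULL;
    uint64_t v2 = 0x6c7967656e657261ULL, v3 = 0x7465646279746573ULL;
    uint64_t k0 = u8to64_le(k), k1 = u8to64_le(k + 8);
    uint64_t b = (uint64_t)inlen << 56, m;
    const uint8_t *end = in + (inlen & ~(size_t)7);
    v3 ^= k1; v2 ^= k0; v1 ^= k1; v0 ^= k0;
    for (; in != end; in += 8) {                          /* full 8-byte blocks */
        m = u8to64_le(in);
        v3 ^= m; SIPROUND; SIPROUND; v0 ^= m;
    }
    for (size_t i = 0; i < (inlen & 7); i++)              /* tail bytes + length */
        b |= (uint64_t)in[i] << (8 * i);
    v3 ^= b; SIPROUND; SIPROUND; v0 ^= b;
    v2 ^= 0xff;
    SIPROUND; SIPROUND; SIPROUND; SIPROUND;
    return v0 ^ v1 ^ v2 ^ v3;
}

/* ---- Hypothetical parameter/result conventions (assumptions) ---- */
enum ptype { PT_NONE, PT_MEMREF_IN, PT_MEMREF_OUT };
struct param { enum ptype type; uint8_t *buf; size_t size; };
enum { RES_OK = 0, RES_BAD_PARAMS, RES_ACCESS_DENIED, RES_SHORT_BUFFER };
enum { CMD_LOGIN = 1, CMD_SIGN_CHALLENGE = 2 };
#define MAX_PIN 16
#define MAX_CHALLENGE 64

/* ---- Secure World: TA state. Plain statics stand in for secure storage;
 * nothing here is ever handed to the NWd by pointer. ---- */
static uint8_t ta_pin[MAX_PIN]; static size_t ta_pin_len;
static uint8_t ta_session_key[16];
static int ta_logged_in;

/* Enrollment step run inside the TA (account set-up). */
int ta_provision(const uint8_t *pin, size_t pin_len, const uint8_t key[16]) {
    if (pin_len == 0 || pin_len > MAX_PIN) return RES_BAD_PARAMS;
    memcpy(ta_pin, pin, pin_len); ta_pin_len = pin_len;
    memcpy(ta_session_key, key, 16); ta_logged_in = 0;
    return RES_OK;
}

/* Constant-time comparison: timing must not reveal where the PIN differs. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t d = 0;
    for (size_t i = 0; i < n; i++) d |= a[i] ^ b[i];
    return d == 0;
}

/* TA command entry point. Types and sizes come from the untrusted NWd and are
 * checked before any buffer is read or written. */
int ta_invoke(uint32_t cmd, struct param p[2]) {
    switch (cmd) {
    case CMD_LOGIN:
        if (p[0].type != PT_MEMREF_IN || p[1].type != PT_NONE) return RES_BAD_PARAMS;
        if (p[0].size > MAX_PIN) return RES_BAD_PARAMS;
        if (p[0].size != ta_pin_len || !ct_equal(p[0].buf, ta_pin, ta_pin_len))
            return RES_ACCESS_DENIED;
        ta_logged_in = 1;
        return RES_OK;
    case CMD_SIGN_CHALLENGE: {
        if (p[0].type != PT_MEMREF_IN || p[1].type != PT_MEMREF_OUT) return RES_BAD_PARAMS;
        if (p[0].size > MAX_CHALLENGE) return RES_BAD_PARAMS;
        if (!ta_logged_in) return RES_ACCESS_DENIED;
        if (p[1].size < 8) { p[1].size = 8; return RES_SHORT_BUFFER; } /* report needed size */
        uint64_t tag = siphash24(p[0].buf, p[0].size, ta_session_key);
        for (int i = 0; i < 8; i++) p[1].buf[i] = (uint8_t)(tag >> (8 * i));
        p[1].size = 8;
        return RES_OK;                  /* only the tag crosses back, never the key */
    }
    default:
        return RES_BAD_PARAMS;
    }
}

/* ---- Normal World: in the real system this is an SMC into the secure monitor,
 * which switches worlds and routes by TA UUID; here it is a direct call. ---- */
static int monitor_dispatch(uint32_t cmd, struct param p[2]) { return ta_invoke(cmd, p); }

/* Client flow: prove the PIN, then answer a server challenge without ever
 * seeing the session key. */
int nwd_login_and_sign(const uint8_t *pin, size_t pin_len,
                       const uint8_t *challenge, size_t clen, uint8_t tag[8]) {
    struct param p[2] = { { PT_MEMREF_IN, (uint8_t *)pin, pin_len }, { PT_NONE, NULL, 0 } };
    int r = monitor_dispatch(CMD_LOGIN, p);
    if (r != RES_OK) return r;
    struct param q[2] = { { PT_MEMREF_IN, (uint8_t *)challenge, clen }, { PT_MEMREF_OUT, tag, 8 } };
    return monitor_dispatch(CMD_SIGN_CHALLENGE, q);
}

int main(void) {
    const uint8_t key[16] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};  /* constructed */
    const uint8_t chal[15] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14};    /* constructed */
    uint8_t tag[8];
    ta_provision((const uint8_t *)"1234", 4, key);
    printf("wrong PIN -> %d\n", nwd_login_and_sign((const uint8_t *)"0000", 4, chal, 15, tag));
    printf("right PIN -> %d\n", nwd_login_and_sign((const uint8_t *)"1234", 4, chal, 15, tag));
    printf("tag = %016llx\n", (unsigned long long)u8to64_le(tag));
    return 0;
}
```

The two checks that matter most for a real TA are the ones on the `p[0].size`/`p[1].size` fields: those values are written by the NWd, so a TA that copies `p[0].size` bytes before bounding it trusts the very world the TEE exists to distrust. The short-buffer path shows the usual convention of reporting the required size back rather than writing past the caller's buffer.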

Conclusion

The proliferation of mobile applications for everyday tasks has raised the importance of safeguarding personal data against potential cyber threats. TEEs, such as those provided by OP-TEE, offer a robust solution for protecting sensitive data and ensuring the secure execution of critical applications. By providing isolated execution, system integrity, and secure storage, TEEs are essential for mobile device security, particularly in applications requiring high levels of trust and confidentiality.
