research-article

Trust in a small package: minimized MRTM software implementation for mobile secure environments

Authors:

Jan-Erik Ekberg,

Sven BugielAuthors Info & Claims

STC '09: Proceedings of the 2009 ACM workshop on Scalable trusted computing

Pages 9 - 18

https://doi.org/10.1145/1655108.1655111

Published: 13 November 2009 Publication History

Abstract

In this paper we present a software-based implementation of a Mobile Remote Owner Trusted Module, using security extensions of contemporary System-On-Chip architectures. An explicit challenge are the constrained resources of such on-chip mechanisms. We expose a software architecture that minimizes the code and data size of the MRTM, applying some novel approaches proposed in recent research. Additionally, we explore alternatives within the specification to further optimize the size of MTMs. We present an analysis of specific new security issues induced by the architecture. Performance figures for an on-the-market mobile handset are provided. The results clearly indicate that a software-based MRTM is feasible on modern embedded hardware with legacy security environments.

References

[1]

Embedded XEN. http://sourceforge.net/projects/embeddedxen/.

[2]

Keylength.com -- Cryptographic Key Length Recommendation, http://www.keylength.com.

[3]

XEN Hypervisor. http://xen.org/.

[4]

ARM. TrustZone-enabled processor. http://www.arm.com/pdfs/DDI0301D_arm1176jzfs_r0p2_trm.pdf.

[5]

Stefan Berger, Ramón Cáceres, Kenneth A. Goldman, Ronald Perez, Reiner Sailer, and Leendert van Doorn. vTPM: virtualizing the trusted platform module. In USENIX-SS'06: Proceedings of the 15th conference on USENIX Security Symposium, Berkeley, CA, USA, 2006. USENIX Association.

Digital Library

[6]

Kurt Dietrich. An integrated architecture for trusted computing for java enabled embedded devices. In STC'07: Proceedings of the 2007 ACM workshop on Scalable trusted computing, pages 2--6, New York, NY, USA, 2007. ACM.

Digital Library

[7]

Thomas Eisenbarth, Tim Güneysu, Christof Paar, Ahmad-Reza Sadeghi, Dries Schellekens, and Marko Wolf. Reconfigurable trusted computing in hardware. In STC'07: Proceedings of the 2007 ACM workshop on Scalable trusted computing, pages 15--20, New York, NY, USA, 2007. ACM.

Digital Library

[8]

Jan-Erik Ekberg and Markku Kylänpää. Mobile Trusted Module (MTM) -an introduction. http://research.nokia.com/files/NRCTR2007015.pdf.

[9]

Jan-Erik Ekberg and Markku Kylänpää. MTM implementation on the TPM emulator. http://mtm.nrsec.com/.

[10]

Joo-Young Hwang, Sang-Bum Suh, Sung-Kwan Heo, Chan-Ju Park, Jae-Min Ryu, Seong-Yeol Park, and Chul-Ryun Kim. Xen on ARM: System Virtualization Using Xen Hypervisor for ARM-Based Secure Mobile Phones. In Consumer Communications and Networking Conference, 2008. CCNC 2008. 5th IEEE, pages 257--261, January 2008.

[11]

Klaus Kursawe and Dries Schellekens. Flexible μTPMs through disembedding. In ASIACCS'09: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, pages 116--124, New York, NY, USA, 2009. ACM.

Digital Library

[12]

Dries Schellekens, Pim Tuyls, and Bart Preneel. Embedded Trusted Computing with Authenticated Non-volatile Memory. In Trust '08: Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies, pages 60--74, Berlin, Heidelberg, 2008. Springer--Verlag.

Digital Library

[13]

Andreas U. Schmidt, Nicolai Kuntze, and Michael Kasper. On the deployment of Mobile Trusted Modules, 2007.

[14]

Jay Srage and Jerome Azema. M-Shield Mobile Security Technology, 2005. TI White paper. http://focus.ti.com/pdfs/wtbu/ti_mshield_whitepaper.pdf.

[15]

Mario Strasser and Heiko Stamer. A Software-Based Trusted Platform Module Emulator. In Trust '08: Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies, pages 33--47, Berlin, Heidelberg, 2008. Springer-Verlag.

Digital Library

[16]

Harini Sundaresan. OMAP platform security features, July 2003. TI White paper. http://focus.ti.com/pdfs/vf/wireless/platformsecuritywp.pdf.

[17]

Trusted Computing Group. Mobile Trusted Module (MTM) Specification. Version 1.0 Revision 6, 26 June 2008, http://www.trustedcomputinggroup.org/resources/mobile_phone_work_group_%mobile_trusted_module_specification_version_10.

[18]

Trusted Computing Group. TCG Mobile Reference Architecture Specification. Version 1.0 Revision 1, 12 June 2007 http://www.trustedcomputinggroup.org/resources/mobile_phone_work_group_%mobile_reference_architecture.

[19]

Trusted Computing Group. TCG Software Stack (TSS). Specification Version 1.2 Level 1 Errata A, 7 March 2007, http://www.trustedcomputinggroup.org/resources/tcg_software_stack_tss_s%pecification.

[20]

Trusted Computing Group. Trusted Platform Module (TPM) Main Specification. Version 1.2 Revision 103, 9 July 2007, http://www.trustedcomputinggroup.org/resources/tpm_main_specification.

[21]

Johannes Winter. Trusted computing building blocks for embedded linux-based ARM trustzone platforms. In STC'08: Proceedings of the 3rd ACM workshop on Scalable trusted computing, pages 21--30, New York, NY, USA, 2008. ACM.

Digital Library

[22]

Xinwen Zhang, Onur Acıiçmez, and Jean-Pierre Seifert. A trusted mobile phone reference architecturevia secure kernel. In STC'07: Proceedings of the 2007 ACM workshop on Scalable trusted computing, pages 7--14, New York, NY, USA, 2007. ACM.

Digital Library

Cited By

Chakraborty DHanzlik LBugiel SHeninger NTraynor P(2019)simTPMProceedings of the 28th USENIX Conference on Security Symposium10.5555/3361338.3361376(533-550)Online publication date: 14-Aug-2019
https://dl.acm.org/doi/10.5555/3361338.3361376
Feng WQin YFeng D(2018)Using mobile phones to enhance computing platform trustTelecommunications Systems10.1007/s11235-018-0456-y69:2(187-205)Online publication date: 1-Oct-2018
https://dl.acm.org/doi/10.1007/s11235-018-0456-y
Nauman MAli TRauf A(2018)Using trusted computing for privacy preserving keystroke-based authentication in smartphonesTelecommunications Systems10.1007/s11235-011-9538-952:4(2149-2161)Online publication date: 30-Dec-2018
https://dl.acm.org/doi/10.1007/s11235-011-9538-9
Show More Cited By

Index Terms

Trust in a small package: minimized MRTM software implementation for mobile secure environments
1. Security and privacy
  1. Systems security
    1. Operating systems security
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

On-board credentials with open provisioning
ASIACCS '09: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security

Securely storing and using credentials is critical for ensuring the security of many modern distributed applications. Existing approaches to address this problem fall short. User memorizable passwords are flexible and cheap, but they suffer from bad ...
Compact and unified hardware architecture for SHA-1 and SHA-256 of trusted mobile computing

This paper presents a compact and unified hardware architecture implementing SHA-1 and SHA-256 algorithms that is suitable for the mobile trusted module (MTM), which should satisfy small area and low-power condition. The built-in hardware hash engine in ...
Breaking the Trust Dependence on Third Party Processes for Reconfigurable Secure Hardware
FPGA '19: Proceedings of the 2019 ACM/SIGDA International Symposium on Field-Programmable Gate Arrays

Modern CPU designs are beginning to incorporate secure hardware features, but leave developers with little control over both the set of features and when and whether updates are available. Reconfigurable logic (e.g., FPGAs) has been proposed as an ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

STC '09: Proceedings of the 2009 ACM workshop on Scalable trusted computing

November 2009

82 pages

ISBN:9781605587882

DOI:10.1145/1655108

General Chair:
Shouhuai Xu
University of Texas, San Antonio, USA
,
Program Chairs:
N. Asokan
Nokia Research, Finland
,
Cristina Nita-Rotaru
CERIAS, Purdue University, USA
,
Jean-Pierre Seifert
Technische Universitat and Deutsche Telekom Laboratories, Germany

Copyright © 2009 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 November 2009

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS '09

Sponsor:

SIGSAC

CCS '09: 16th ACM Conference on Computer and Communications Security 2009

November 13, 2009

Illinois, Chicago, USA

Acceptance Rates

Overall Acceptance Rate 17 of 31 submissions, 55%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

17
Total Citations
View Citations
456
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)1

Reflects downloads up to 25 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Chakraborty DHanzlik LBugiel SHeninger NTraynor P(2019)simTPMProceedings of the 28th USENIX Conference on Security Symposium10.5555/3361338.3361376(533-550)Online publication date: 14-Aug-2019
https://dl.acm.org/doi/10.5555/3361338.3361376
Feng WQin YFeng D(2018)Using mobile phones to enhance computing platform trustTelecommunications Systems10.1007/s11235-018-0456-y69:2(187-205)Online publication date: 1-Oct-2018
https://dl.acm.org/doi/10.1007/s11235-018-0456-y
Nauman MAli TRauf A(2018)Using trusted computing for privacy preserving keystroke-based authentication in smartphonesTelecommunications Systems10.1007/s11235-011-9538-952:4(2149-2161)Online publication date: 30-Dec-2018
https://dl.acm.org/doi/10.1007/s11235-011-9538-9
Khan SNauman MOthman AMusa SSyed T(2018)TSSDroidSecurity and Communication Networks10.1002/sec.14489:11(1553-1576)Online publication date: 20-Dec-2018
https://dl.acm.org/doi/10.1002/sec.1448
Yang XShi PTian BZeng BXiao W(2014)Trust-EProceedings of the 2014 IEEE 11th Intl Conf on Ubiquitous Intelligence and Computing and 2014 IEEE 11th Intl Conf on Autonomic and Trusted Computing and 2014 IEEE 14th Intl Conf on Scalable Computing and Communications and Its Associated Workshops (UIC-ATC-ScalCom)10.1109/UIC-ATC-ScalCom.2014.15(495-501)Online publication date: 9-Dec-2014
https://dl.acm.org/doi/10.1109/UIC-ATC-ScalCom.2014.15
Angulo JWästlund E(2012)Exploring Touch-Screen Biometrics for User Identification on Smart PhonesPrivacy and Identity Management for Life10.1007/978-3-642-31668-5_10(130-143)Online publication date: 2012
https://doi.org/10.1007/978-3-642-31668-5_10
Bugiel SDavi LDmitrienko AHeuser SSadeghi AShastry BJiang XBhattacharya ADasgupta PEnck W(2011)Practical and lightweight domain isolation on AndroidProceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices10.1145/2046614.2046624(51-62)Online publication date: 17-Oct-2011
https://dl.acm.org/doi/10.1145/2046614.2046624
Murase MTokuda H(2011)Dependable TCB Based on the Cell Broadband Engine Isolation FacilityProceedings of the 2011 IEEE17th International Conference on Embedded and Real-Time Computing Systems and Applications - Volume 0110.1109/RTCSA.2011.45(360-370)Online publication date: 28-Aug-2011
https://dl.acm.org/doi/10.1109/RTCSA.2011.45
Winter JWiegele PPirker MTögl R(2011)A flexible software development and emulation framework for ARM trustzoneProceedings of the Third international conference on Trusted Systems10.1007/978-3-642-32298-3_1(1-15)Online publication date: 27-Nov-2011
https://dl.acm.org/doi/10.1007/978-3-642-32298-3_1
Stüble CZaerin A(2010)µTSSProceedings of the 3rd international conference on Trust and trustworthy computing10.5555/1875652.1875662(124-140)Online publication date: 21-Jun-2010
https://dl.acm.org/doi/10.5555/1875652.1875662
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents