In the increasingly connected world in which we live the security of our information is paramount. Not only are government agencies trying to tap all our communications, but so are cyber-criminals so they can sell our data to make money. Unlike any other time in history how our data is protected is vital, not only to businesses, but also to individuals.
Built into every Cortex-A based processor is a clever piece of technology called TrustZone.
Built into every Cortex-A based processor is a clever piece of technology called TrustZone. It provides a small, certifiable Trusted Execution Environment (TEE) that is isolated from the main operating system (e.g. Android) and as such is completely immune to software level attacks.
The TrustZone runs its own bespoke operating system. When the processor switches to the trusted environment then Android has no interaction with what is running there, in fact Android doesn’t even know that the secure environment is running. Complete hardware isolation.
Processors with TrustZone can execute instructions in one of two modes: the normal world, where untrusted code executes, and the secure world, where secure services run. Both modes have independent memory address spaces and different privileges.
The Normal world mode cannot access the secure world address space, but code running in the secure world can access the normal world address space. The processors support a special address bit, the NS bit, that indicates which world the processor is currently using.
Because the processor can only be in one mode or the other, there is a mechanism which tells the CPU to switch modes. This is done via a special instruction called the Secure Monitor Call (smc). When the CPU executes the smc instruction, the hardware switches and performs a secure context switch.
So what does that mean for the average user. Imagine that you need to connect to your online banking. At the moment there are a variety of two step authentication methods that can be used to ensure that you sign in securely. Some banks send SMS messages to your phone, while others issue their customers with bespoke bits of hardware which generate special authentication codes. The idea is that even if a cyber thief gets your username and password, they won’t have access to the secondary bits of information.
What TrustZone provides is a way for service providers (like banks) to integrate the secondary step, in the two part authentication process, in the phone itself. Since the TrustZone is completely isolated then there is no danger of any malware, other nefarious attack vectors, being used to get the authentication codes.
For example, a user might want to pay for some goods from their smartphone. An Android app on the smartphone is used to process the initial part of the payment. Then the processor switches to the secure OS. This OS can control the display and asks the user to tap in their PIN number. It is then encrypted and passed back to Android. While the secure OS was running Android had no interaction with the screen and knows nothing about what happened. This isolation is done at the hardware level. Finally the Android app takes the encrypted PIN number and uses it to authenticate with the payment service. Any spying that occurs will only be able to capture encrypted data, even if the spying happens on the smartphone itself.
Since the TrustZone OS is custom built and can’t be installed via a general installation method (like via the Play Store) then each service provider would need to create a special smartphone with its trusted software on it. This itself isn’t feasible. However it is possible to create a general Trusted Execution Environment kernel which has the capability to install certified trust apps.
ARM is also working on its own Trusted Firmware.
To make this trusted execution environment more accessible to secure service providers then companies like Trustonic and Samsung (with its Knox 2.0 platform) are creating systems to allow trusted apps to be installed in the TrustZone. These trusted apps will be able to handle a wide range of authentication tasks from secure sign-in to payment processing.
ARM is also working on its own Trusted Firmware. Designed for 64-bit ARMv8 based processors, the open source project is released under a BSD-style license and the source code is available on Github. Due to its open source nature ARM hopes that handsets OEM’s can take the code and use it in their products. The goal of the project is to provide a reference implementation and as far as possible the code is designed for reuse or porting to other ARMv8 hardware platforms.
For a trusted execution environment to be truly trustworthy then the device’s boot process must be secure. To that end ARM is working with its partners to bring a secure boot process to Android handsets. Android boots by running a bootloader that prevents unauthorized secondary bootloaders and operating systems from loading. This Secure Boot process is implemented cryptographically verifying each step of the boot process. The certificate chain has its trusted root certificate stored in the TrustZone, isolated by the hardware.
Samsung’s implementation of the secure boot processes also verifies the Android firmware. Although this isn’t something that will delight users who like to install custom firmware, it is essential for enterprise (business) users which need to ensure that the security aspects of Android (like those provided by SE for Android) haven’t been disabled.
Samsung KNOX 2.0 measures certain key aspects of the bootloader and records them in secure memory. At runtime the trusted OS can verify those measurements and verify the validity of the Android firmware running. If the bootloader is unable to verify the Android kernel, a one-time programmable memory area (often known as a fuse) is used to indicate the suspected tampering.
Say goodbye to passwords
One organization which is using ARM’s TrustZone is the FIDO (Fast Identity Online) alliance. The mission of the alliance is to change the nature of online authentication by defining a set of mechanisms that reduce our reliance on passwords. ARM joined FIDO’s Board of Directors earlier this year where it works with the some of the world’s most influential corporations including Microsoft, Google, Bank of America and Samsung.
Samsung, ARM and FIDO have worked with PayPal to give customers a way to use their fingerprint for authentication when paying for goods or services from a Samsung Galaxy S5.
Its passwordless specification allows a user to register their device with an online service by selecting a local authentication method (such as swiping, facial recognition, entering a PIN, etc.). Once registered, the user repeats the same authentication action whenever they need to sign in to the service. TrustZone is used to provide the secure authentication action which is isolated from Android and any apps running. The result is some encrypted authentication data which is used to perform the sign-in process. As a result the user no longer needs to use a password when authenticating from that device. The user can even combine multiple authentication methods such as fingerprint + PIN etc.
Samsung, ARM and FIDO have worked with PayPal to give customers a way to use their fingerprint for authentication when paying for goods or services from a Samsung Galaxy S5. The FIDO Ready software on the S5 securely communicates between the fingerprint reader and PayPal’s servers. The only information the device shares with PayPal is a unique cryptographic code that allows PayPal to verify the owner’s identity, without having to store any biometric information on its servers.
With smartphone ubiquity increasing daily then the potential for Trusted Execution Environments, and the corresponding benefits for users, is huge. As it often the case, ARM is leading the way and the technology needed to get rid of passwords is probably already in your phone!