What s In Your e-wallet? Using ARM IP to Enable Security in Mobile Phones. Richard Phelan Media Processing Division TrustZone Security Technology

Size: px

Start display at page:

Download "What s In Your e-wallet? Using ARM IP to Enable Security in Mobile Phones. Richard Phelan Media Processing Division TrustZone Security Technology"

Cynthia Walker
5 years ago
Views:

1 What s In Your e-wallet? Using ARM IP to Enable Security in Mobile Phones Richard Phelan Media Processing Division TrustZone Security Technology 1

2 What s In Your Wallet Today? Some cards A bus ticket A match ticket Some receipts Some photos Some money 2

3 Photos Are Already on the Phone Convergence of mobile phone and digital camera technologies Mobile phone becoming the first choice for video and still photographs Always available Image quality continuously improving Better lenses Higher resolution image capture Increased capability display Storage capacity increasing with removable media Dramatically increases the number of photos you can carry with you 3

4 How About Money? A medium of exchange for: Goods s A unit of account Measurable A store of value Doesn t perish Provides market liquidity Will still be worth exchanging Credit is money you don t have yet Someone else s money Tickets and receipts are money you used to have Exchanged for good or services 4

5 The Utility Of Cards As Money Widely accepted form of payment MasterCard, Visa, Edy, FeliCa Well developed infrastructure Terminals for initiating payment Magnetic strip readers Smart cards Infrastructure for verifying payment Secure servers Well understood certification process To demonstrate the security of the card To show compliance with the specified functionality 5

The Secure Mobile Phone Utility It must be useful It must be easy to use Compatibility It must be usable with existing infrastructure Proliferation Many payment schemes must coexist Isolation Payment

6 The Secure Mobile Phone Utility It must be useful It must be easy to use Compatibility It must be usable with existing infrastructure Proliferation Many payment schemes must coexist Isolation Payment schemes must be isolated from each other Payment schemes must be hidden from the application software Security Secure storage of account information Secure access to card details But maybe not quite like this. 6

7 Potential Payment Channels Operator network payment Use the caller s identity to add payment to phone bill Mobile Internet Credit card details Bank details Near-field communications (NFC) Physical proximity to payment terminal 7

8 Potential Attack Vectors Bluetooth Infrared Wireless LAN MMS SMS or WAP link Instant message Memory card PC connection File download We need a secure mobile platform! 8

9 What is a Secure Mobile Platform? Hardware-level protection A solution complementary to existing security features Isolation of critical code Interoperability of applications Choice of security components Secure debug 9

10 What is a Secure Mobile Platform? Hardware-level protection A solution complementary to existing security features Isolation of critical code Interoperability of applications Choice of security components Secure debug 10

11 Example System Secure Secure Debug TrustZone Core Configurable L220 Non - Secure TZ Interrupt Controller (PL390) TZ Address Space Controller (PL380) GIC (PL390) TCM ETM ARMv6Z Core TCM L1 Cache L2 Cache RAM L2CC LCD Controller KMI AXI2APB SDRAM DMC (PL340) TZASC PL301 FLASH SMC (PL350) TZIMW On-Chip SRAM Boot ROM AXI2APB UART Watchdog RTC Timers AXI2APB SSP Sim I/F Sys Ctrl Unique ID AXI2APB Random Number Generator Key Storage Master Key TZ Protection Controller (BP147) DMA Crypto Engine TZ Internal Memory Wrapper (BP141) Timers AXI Interconnect (PL301) IEC TZPC 11

12 What is a Secure Mobile Platform? Hardware-level protection A solution complementary to existing security features Isolation of critical code Interoperability of applications Choice of security components Secure debug 12

13 Complementing Existing Solutions TrustZone Core apps Rich OS apps SIM IF Security Aware apps TrustZone API API / Library TrustZone Secure Channel Driver ISO 7816 SIM Card Baseband OEM Secure apps SD IF SIM binding Provider API Secure Channel Interface micro SD Card AMEX STIP Secure Manager Crypto HAL STIP API STIP Interpreter MegaSIM HAL NFC/SE IF Master Card STIP SE-Secure Controller VISA STIP Custom HAL NFC/SE IF Secures access to SIM card functions Establishes a secure channel between the payment service and the SIM card Allows sensitive bank information to be resident on the SIM Secures access to NFC subsystem NFC communications are hidden from the main applications environment Allows NFC usage to be authenticated by trusted code Secures access to removable storage Enables trusted scanners to check the integrity of the storage prior to use by the main applications NFC Host interface Integrated Modules, ICs NFC Antenna 13

14 What is a Secure Mobile Platform? Hardware-level protection A solution complementary to existing security features Isolation of critical code Interoperability of applications Choice of security components Secure debug 14

15 Isolation Of Critical Code System View TrustZone Application Application Secret Storage TrustZone API TrustZone API Operating System API Operating System API API API Secure Manager Secure Manager TrustZone TrustZone Device Device Driver Driver Security Security Device Device Driver Driver Rogue Rogue Device Device Driver Driver Secure Secure Channel Channel Interface Interface Hardware 15

16 What is a Secure Mobile Platform? Hardware-level protection A solution complementary to existing security features Isolation of critical code Interoperability of applications Choice of security components Secure debug 16

17 Interoperability of Applications Application OS Platform Secure service Agent TZ API TrustZone Hardware Platform Applications written for a particular Operating System and hardware platform use the same TrustZone API for differing: Operating Systems Hardware platforms Differing CPU cores Differing crypto hardware Differing secure memory configurations Implementations of the TrustZone secure world Differing third-party secure service, e.g. DRM 17

18 What is a Secure Mobile Platform? Hardware-level protection A solution complementary to existing security features Isolation of critical code Interoperability of applications Choice of security components Secure debug 18

19 Choice of Security Components System View Unmodified Embedded OS Application Application TrustZone API TrustZone API TrustZone TrustZone Device Device Driver Driver TrustZone Download Banking Banking Download Secure Manager Secure Manager Secure Secure Channel Channel Interface Interface Interpreted s Credit Credit Card Card STIP Interpreter STIP Interpreter Payment Payment #1 #1 NFC Device HAL NFC Device HAL H/W H/W Normal Normal Code Code Trusted Trusted Code Code Hardware 19

20 What is a Secure Mobile Platform? Hardware-level protection A solution complementary to existing security features Isolation of critical code Interoperability of applications Choice of security components Secure debug 20

21 TrustZone Software Debug SPIDEN enabled for secure services developers Debug Target hello Secure Developer hello ARM1176JZF-S TM processor-based SoC JTAG Port Normal World Audio Player OS Enable Secure World DRM Keys Decrypt Enable Application Developer 21

Secure User Interface & Communication NFC and mobile banking will require secure user interface and keypad in second-generation NFC devices Complex user interface generated from application

22 Secure User Interface & Communication NFC and mobile banking will require secure user interface and keypad in second-generation NFC devices Complex user interface generated from application processor, with bank keys residing on SIM Secure link between SIM and application processor Secure applications require isolation from each other STIP is accepted standard isolation in payment terminals STIP enables pluggable applications Not possible for payment companies to verify every model of handset TrustZone provides the opportunity for classification of devices 22

The Complete e-wallet TrustZone Core apps apps Security Aware apps OEM Secure apps SIM binding AMEX STIP Master Card STIP STIP API VISA STIP Secure user interface with key pad input and display,

bank keys to be resident on SIM card Sensitive bank keys and applications can reside on SIM card with a secure channel established to a STIPlet STIP Interpreter Rich OS TrustZone API API / Library

23 The Complete e-wallet TrustZone Core apps apps Security Aware apps OEM Secure apps SIM binding AMEX STIP Master Card STIP STIP API VISA STIP Secure user interface with key pad input and display, controlled from secure TrustZone environment Secure applications sandboxed by the TrustZone Software STIP interpreter Secure channel established between STIPlet and SIM card, permitting sensitive bank keys to be resident on SIM card Sensitive bank keys and applications can reside on SIM card with a secure channel established to a STIPlet STIP Interpreter Rich OS TrustZone API API / Library TrustZone Secure Channel Driver Provider API Secure Channel Interface Secure Manager Crypto HAL MegaSIM HAL Custom HAL NFC/SE IF SIM IF SIM Card ISO 7816 Baseband NFC Host Interface SD IF micro SD Card NFC Antenna NFC/SE IF SE-Secure Controller Integrated Modules, ICs 23

ARM Security Solutions and Numonyx Authenticated Flash

ARM Security Solutions and Numonyx Authenticated Flash How to integrate Numonyx Authenticated Flash with ARM TrustZone* for maximum system protection Introduction Through a combination of integrated hardware