Embedded Recipes 2022 - Secure Elements in a Trusted Execution Environment
A Secure Element is a tamper resistant device that provides secure storage and an execution environment for sensitive data and cryptographic processing. They connect to the host processors through I2C or SPI on the physical channel and the T=1 ISO/IEC 7816 block oriented half-duplex protocol on the second layer.
A Trusted Execution Environment (TEE) is an area of the main processor that provides isolated execution and confidentiality of its assets. A TEE executes its own secure operating system with access to cryptographic algorithms that, depending on the SoC, can be implemented in software libraries (i.e: libtomcrypt, libmbedtls) or in hardware as accelerator co-processors.
The shared memory mechanisms used by TEEs to communicate with bootloaders and Rich Execution Environments (REE) such as Linux are a perfect match to transport block protocols like T=1. This gives a TEE the opportunity to share buses with a REE, while avoiding access collisions and without imposing static usage or power requirements.
This presentation will explain how the NXP EdgeLock SE05x driver was integrated and upstreamed to OP-TEE, and how it provides cryptographic support and secure storage to the boot firmware (U-boot), the TEE (OP-TEE), and the REE (Linux).
Jorge Ramirez
Видео Embedded Recipes 2022 - Secure Elements in a Trusted Execution Environment канала Kernel Recipes
A Trusted Execution Environment (TEE) is an area of the main processor that provides isolated execution and confidentiality of its assets. A TEE executes its own secure operating system with access to cryptographic algorithms that, depending on the SoC, can be implemented in software libraries (i.e: libtomcrypt, libmbedtls) or in hardware as accelerator co-processors.
The shared memory mechanisms used by TEEs to communicate with bootloaders and Rich Execution Environments (REE) such as Linux are a perfect match to transport block protocols like T=1. This gives a TEE the opportunity to share buses with a REE, while avoiding access collisions and without imposing static usage or power requirements.
This presentation will explain how the NXP EdgeLock SE05x driver was integrated and upstreamed to OP-TEE, and how it provides cryptographic support and secure storage to the boot firmware (U-boot), the TEE (OP-TEE), and the REE (Linux).
Jorge Ramirez
Видео Embedded Recipes 2022 - Secure Elements in a Trusted Execution Environment канала Kernel Recipes
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Kernel Recipes 2022 - What’s new with io_uring
Embedded Recipes 2022 - The next 50 million firmware updates
Kernel Recipes 2018 - Mitigating Spectre and Meltdown vulnerabilities - David Woodhouse
Embedded Recipes 2019 - Testing firmware the devops way
Kernel Recipes 2018 - A year of fixing Coverity issues... - Gustavo A. R. Silva
Embedded Recipes 2017 - Proper APIs to HW video codec accelerators - Olivier Crete
Embedded Recipes 2022 - Tracing on embedded boards
Kernel Recipes 2022
Kernel Recipes - Creating custom Debian images for your embedded device
Kernel Recipes 2015 - Solving the Linux storage scalability bottlenecks - by Jens Axboe
Kernel Recipes 2019 - pidfds: Process file descriptors on Linux
Kernel Recipes 2022 - Rethinking the kernel camera framework
Kernel Recipes 2022 - Make Linux developers fix your kernel bug
Kernel Recipes 2019 - BPF at Facebook
Kernel Recipes 2015 - Linux kernel IO subsystem - by Jan Kara
Embedded Recipes 2018 - Using yocto to generate container images for yocto - Jérémy Rosen
Kernel Recipes 2018 - CLIP OS: a defense-in-depth OS - Mickael Salaün, Timothée Ravier
Embedded Recipes 2018 - SoC+FPGA support in 2018 - Marek Vasut
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMI
Julia Lawall, INRIA - Coccinelle
Kernel Recipes 2023 - Demystifying the Linux kernel security process