Abstract
Many security-critical services on mobile devices rely on Trusted Execution Environments (TEEs). However, due to the proprietary and locked-down nature of TEEs, the available information about these systems is scarce. In recent years, we have witnessed several exploits targeting all major commercially used TEEs, which raises questions about the capabilities of TEEs to provide the expected integrity and confidentiality guarantees. In this paper, we evaluate the exploitability of TEEs by analyzing common flaws from the perspective of an adversary. We provide multiple vulnerable TEE applications for OP-TEE, a reference implementation for TEEs, and elaborate on the steps necessary for their exploitation on an Android system. Our vulnerable examples are inspired by real-world exploits seen in-the-wild on commercially used TEEs. With this work, we provide developers and researchers with introductory knowledge to realistically assess the capabilities of TEEs. For these purposes, we also make our examples publicly available.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.