Abstract
In this paper, we present SobTrA, a Software-based Trust Anchor for ARM Cortex-A processors to protect systems against software-based attacks. SobTrA enables the implementation of a software-based secure boot controlled by a third party independent from the manufacturer. Compared to hardware-based trust anchors, our concept provides some other advantages like being updateable and also usable on legacy hardware. The presented software-based trust anchor involves a trusted third party device, the verifler, locally connected to the untrusted device, e.g., via the microSD card slot of a smartphone. The verifler is verifying the integrity of the untrusted device by making sure that a piece of code is executed untampered on it using a timing-based approach. This code can then act as an anchor for a chain of trust similar to a hardware-based secure boot. Tests on our prototype showed that tampered and untampered execution of SobTrA can be clearly and reliably distinguished.
| Original language | English |
|---|---|
| Pages | 273-280 |
| Number of pages | 8 |
| DOIs | |
| State | Published - 2014 |
| Externally published | Yes |
| Event | 4th ACM Conference on Data and Application Security and Privacy, CODASPY 2014 - San Antonio, TX, United States Duration: 3 Mar 2014 → 5 Mar 2014 |
Conference
| Conference | 4th ACM Conference on Data and Application Security and Privacy, CODASPY 2014 |
|---|---|
| Country/Territory | United States |
| City | San Antonio, TX |
| Period | 3/03/14 → 5/03/14 |
Keywords
- ARM Architecture
- Mobile Security
- Secure Boot
- Self-checksumming Code
- Smartphone
- Software-based Trust Anchor