fido & tee: simpler, stronger,...
![Page 1: FIDO & TEE: Simpler, Stronger, Authenticationarmtechforum.com.cn/2014/sz/A-8_FIDOandTEE-Simpler... · 2019-09-04 · FIDO Client Authenticator Abstraction Authenticators Authenticators](https://reader034.vdocuments.net/reader034/viewer/2022042200/5e9f6ccbd194da17227a9e6a/html5/thumbnails/1.jpg)
FIDO & TEE:
Simpler, Stronger, Authentication
Rob Coombs - Security Marketing Director
Agenda
Introduction
Four Compartment Security Model
Emerging Trends
Trusted Apps
FIDO – Moving beyond passwords
Summary
Security & Trust
Two lenses to look at Security & Trust with:
Protection against threats
Delivering better user experiences
Computational Trust builds on strong authentication of users and devices
PC Era Authentication: Pockets Full of Hardware
Diagram labels: TLS, DNSSEC, SSO, CVC
Applying Lessons to Modern Mobile Security
Hypervisor (with hardware support) separating large pieces of code
Small, certifiable Trusted Execution Environment inside Application processor isolated using ARM TrustZone® technology protecting against software attacks
Secure Element for tamper proof security
Hypervisor
TrustZone Based Trusted Execution Environment
Hardware root of trust
A basis for system integrity
Integrity through Trusted Boot
Secure peripheral access
Screen, keypad, fingerprint sensor etc.
Secure application execution
Technology called TrustZone®
Trust established outwards
With normal world apps
With internet/cloud apps
Mobile devices with integrated HW security
ARM Trusted Firmware
ARM Trusted Firmware for 64-bit ARMv8-A: The Basics…
Standardized EL3 Runtime Firmware
For all 64-bit ARMv8-A systems
Reducing porting and integration work
For SoC and Trusted OS developers
Reusable, reference implementations
PSCI
SMC Calling Convention
Configuration of ARM hardware
Running on ARMv8-A FVPs and Juno
… and on partner’s silicon
Diagram components:
ARM Trusted Firmware (EL3)
SoC/platform port
Normal World OS (EL1/EL2)
Trusted OS (Secure-EL1)
Trusted OS Dispatcher
Trusted App (Secure-EL0)
App (EL0)
TOS driver
TOS library
Diagram interfaces:
TOS specific protocol and mechanism
TOS specific protocol via SMC
via ioctl
Porting interface between Trusted Firmware and SoC/platform
Interface between Trusted Firmware and Trusted OS Dispatcher
Internal TOS interface
Diagram legend:
ARM Trusted Firmware
Trusted OS supplier
SoC supplier
OS/hypervisor supplier
Trusted App supplier
ARM Trusted Firmware for 64-bit ARMv8-A
Reference boot flows
For 64-bit ARMv8-A systems
Open Source at GitHub
BSD License
Contributors welcome
We just released v1.0
Lots of partners using it
Boot flow diagram, firmware images:
BL0: SCP Boot ROM
BL1: AP Boot ROM
BL2: Trusted Boot Firmware
BL30: SCP Runtime Firmware
BL31: EL3 Runtime Firmware
BL32: Secure-EL1 Payload
BL33: Non-Trusted Firmware (e.g. U-Boot, EDK2)
Key: EL3 Execution, EL2 Execution, Secure-EL1 Execution, SCP Execution
Function labels: Platform Boot Initialization; System & Power Control; Trusted Board Boot (shown twice); PSCI; World Switch Library; SMCCC; Trusted OS Kernel; S-EL1 Payload Dispatch
Column labels: Trusted World, Normal World; SCP, Application Processor (AP)
Loading: 1st level Boot Loader (BL1) loads 2nd level image; 2nd level Boot Loader (BL2) loads all 3rd level images
RESET (shown twice)
Security Profiles
Invasive HW Attacks
• Well resourced and funded
• Unlimited time, money & equipment.
Non-invasive HW Attacks
• Physical access to device – JTAG, Bus Probing, IO Pins, etc.
Software Attacks
• Malware & Viruses
• Social engineering
Diagram axes: Cost/Effort to Attack; Cost/Effort to Secure
Diagram labels: TrustZone based TEE; SmartCards / HSMs
4 Compartment Model – Hierarchy of Trust
Secure Domain: Tamper Proof, Physically Isolated, EAL Certified
SecurCore™
SEE
Secure Element
Smartcard
SIM & TPM
Trusted Domain: Trusted Applications executing from a Trusted Execution Environment
TrustZone®
TEE
Secure Firmware
Device Management
Key Management
Protected Domain: Virtual Machines and bus masters isolated by a Hypervisor
Hypervisor
HYP
Protected Video Path
BYOD
System Management
Rich Domain
User Apps
Rich OS Android or other OS
Privileged
Supervisor Mode
Use Cases: Content Protection
TRUSTED MEDIA PROTECTION PLATFORM v1
TEE addition for the TZMPv1 Protection Platform
Diagram legend:
Trusted World (ARM TrustZone hardware extension)
Protected World (ARM NSAID hardware extension)
Non-Trusted World
Diagram labels: SoC; Processor Cluster (1 to 8 CPUs); Trusted SRAM; Trusted Boot ROM; Trusted Peripherals; Efuse; CRYPTO; TEE; GPU; APPS; USER; RICH OS; Non-Trusted CPUs; VIDEO DECODER; MALI V500; AUDIO DECODER; VIDEO; AUDIO; DISPLAY; HDCP; HDMI; Display; DDR; FLASH; INTERCONNECT; TZASC 400; NSAID=DISPLAY; NSAID=VIDEO; NSAID=AUDIO; DISPLAY Engines Firmware; Firmwares; Data Structures; Frame Buffers; Configuration
*Non-Secure Access ID
DRM & Keys protected by TEE
Hardware isolated video path
Use Cases: MDM & Enterprise
TOUCHSCREEN DEVICE
DISPLAY
APP LEVEL
KERNEL LEVEL
PERIPHERAL LEVEL
HARDWARE LEVEL
TRUSTZONE™ SYSTEM-ON-CHIP
SE ANDROID
KNOX FRAMEWORK
SANDBOX
‹t-base TEE
(Trusted Execution Environment)
SECURE BOOT
‹ Hardware Isolation
‹ Microkernel Separation
‹ Managed Domains for Trusted Applications
‹ Privileged Peripheral Access
TRUSTED APPLICATION
VPN IDENTITY
ISOLATED PERIPHERAL
CONNECTION
Trusted Boot
Integrity Management (TIMA)
MDM
Business Apps…
Use Cases: Payment
Authentication & Keys protected by TEE
Modern Practice
3 New whitepapers from Apple, Samsung and Microsoft give good insight into modern mobile security practice
Build on principles of:
H/W roots of trust
Trusted Boot
Isolation
Least Privilege
Agenda
Introduction
Four Compartment Security Model
Emerging Trends
Trusted Apps
FIDO – Moving beyond passwords
Summary
Trusted App Concept - Trustonic Example
TRUSTONIC enables devices with a root-of-trust and Trusted Execution Environment (TEE) at manufacture and sells ACCESS to service providers in need of TRUST.
Trusted Apps installed by OEM or OTA (After market provisioning)
Access provided on demand as service providers need to use TEE enabled features
Diagram labels: SMART CONNECTED DEVICE; OPERATING SYSTEM; TRUSTONIC TEE; TRUSTZONE™ SYSTEM-ON-CHIP; PAYMENT; ENTERPRISE; PAYMENTS; COMMERCE; MOVIES; SERVICES
Connecting Trusted Device Supply with Service Provision
Diagram labels: TRUSTED APP MANAGER; CHIP MAKER; DEVICE MAKER; SECURITY DEVELOPERS; SERVICE PROVIDERS; ‹t-base TEE; ‹t-kph Key Gen; ‹t-dev SDK; ‹t-sek OTA; TRUSTED APPS; APP STORE APPS
FIDO User Experiences
PASSWORDLESS EXPERIENCE (UAF standards)
Steps shown: Transaction Detail; Show a biometric; Done
SECOND FACTOR EXPERIENCE (U2F standards)
Steps shown: Login & Password; Insert Dongle, Press button; Done
FIDO UAF* Functionality
Discovery of authenticators on the client
Registration
Authentication
Transaction Confirmation
*Universal Authentication Framework
How does FIDO UAF work?
FIDO SERVER
FIDO Authenticators
Verification
FIDO - Universal Authentication Framework
User Side
Plugin SDK
FIDO Client
Authenticator Abstraction
Authenticators (shown three times)
Private Keys: Authentication Keys, Attestation Key
Relying Party
Web Application
FIDO UAF Server
Attestation Manager
Crypto Policy Rules
Public Keys: Authentication Keys, Attestation Key
UAF Protocol: Registration, Authentication & Transaction Confirmation
Ideal for TrustZone based TEE
First FIDO Deployment already live…
Customers can use their finger to pay with PayPal from their new Samsung Galaxy S5 because the FIDO Ready™ software on the device securely communicates between the fingerprint sensor on their device and PayPal’s service in the cloud. The only information the device shares with PayPal is a unique cryptographic “public key” that allows PayPal to verify the identity of the customer without having to store any biometric information on PayPal’s servers.
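The key handling shown on the UAF architecture slide and described in the statement above, as an added example (not from the original slides, and a simplified model rather than the FIDO UAF wire format). `Authenticator`, `RelyingParty`, `payload` and the sample identifiers are hypothetical names, and a string comparison stands in for the biometric match performed inside the TEE.

```javascript
// Added example: simplified model of FIDO-style registration, authentication and
// transaction confirmation. All names are hypothetical; this is not UAF encoding.
const crypto = require('crypto');

// Bytes covered by the signature: relying party, server challenge, transaction text.
function payload(appId, challenge, txText) {
  return Buffer.concat([Buffer.from(appId + '\n'), challenge, Buffer.from('\n' + txText)]);
}

// Stands in for the authenticator running inside the TEE.
class Authenticator {
  constructor(enrolledTemplate) {
    this.template = enrolledTemplate; // biometric reference, never leaves the device
    this.keys = new Map();            // appId -> private key, never leaves the device
  }
  // Registration: create a key pair bound to one relying party.
  register(appId) {
    const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
    this.keys.set(appId, privateKey);
    return publicKey.export({ type: 'spki', format: 'pem' }); // the only value shared
  }
  // Authentication / transaction confirmation: verify the user locally, then sign.
  sign(appId, challenge, sample, txText = '') {
    if (sample !== this.template) return null; // local user verification failed
    const key = this.keys.get(appId);
    if (!key) return null;                      // no registration for this relying party
    return crypto.sign('sha256', payload(appId, challenge, txText), key);
  }
}

// Stands in for the relying party's FIDO server: it stores a public key only.
class RelyingParty {
  constructor(appId) { this.appId = appId; this.pub = null; this.pending = null; }
  enroll(publicKeyPem) { this.pub = crypto.createPublicKey(publicKeyPem); }
  newChallenge() { this.pending = crypto.randomBytes(32); return this.pending; }
  verify(signature, txText = '') {
    const challenge = this.pending;
    this.pending = null;                        // each challenge is single use
    if (!challenge || !signature || !this.pub) return false;
    return crypto.verify('sha256', payload(this.appId, challenge, txText), this.pub, signature);
  }
}
```

A signature captured from one login fails against the next challenge, and a confirmation signed for one transaction text fails if the server is shown a different text.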
FIDO Implementation Using TrustZone based TEE
Crypto Layer
Trusted
Application
Authentication
FIDO Client
& APIs
ARM Trusted Firmware
Summary
FIDO is rapidly building momentum to transform authentication
Creates a delightful consumer experience
Provides stronger authentication to Relying Parties
Well thought out Privacy Principles
TrustZone based TEE is a perfect fit as an implementation strategy
Confidentiality, Integrity and Trusted Peripherals
Can be extended to interface to Secure Element if required
Please study FIDO & TEE!
References
Samsung Knox™ 2.0 Whitepaper
http://www.samsung.com/uk/business/resource/white-paper/
iOS Security
http://images.apple.com/ipad/business/docs/iOS_Security_Feb14.pdf
ARM Security Model
http://community.arm.com/docs/DOC-8376