PATAT: An Open Source Attestation Mechanism for Trusted Execution Environments on TrustZone devices

MASTER Assignment

Type : Master M-CS

Period: December, 2023 - May, 2024

Student : Nijeboer, F.J. (Frank, Student M-CS)

Date Final project: May 28, 2024

Thesis

Supervisors:

Abstract:

As technology evolves, secure computing environments become increasingly critical. Arm TrustZone, a hardware-based security extension for Cortex processors, provides a trusted environment for applications requiring high levels of confidentiality and integrity. However, effective attestation mechanisms to verify the integrity of TrustZone applications have not been standardized yet. In this research, we investigate the state of attestation mechanisms for Arm TrustZone and propose a novel mechanism, called PATAT, based on Merkle Trees — a data structure for secure data verification — and the Noise Protocol Framework, a framework for building cryptographic handshakes for secure communication. PATAT is designed to fit the Remote Attestation and Trusted Systems (RATS) Architecture, an architecture for attestation mechanisms defined in RFC 9334. We formally verify PATAT using the Tamarin prover, a tool for security protocol analysis, and implement a proof-of-concept to evaluate its performance.
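The abstract names Merkle trees as the data structure behind PATAT's integrity verification. The following is an added illustration, not PATAT's code or a description of its design: it shows the generic mechanism by which a set of measurements (here, constructed placeholder hashes standing in for trusted-application images) is reduced to a single root that can serve as attestation evidence, and how a verifier holding reference values can check the reported root, or check one component with an inclusion proof. SHA-256 and the 0x00/0x01 leaf/node domain-separation prefixes are this example's own choices; the measurement values are constructed.

```python
import hashlib

# Constructed sample measurements: stand-ins for hashes of trusted-application
# images on an attesting device. Real values would come from the attester.
MEASUREMENTS = [
    hashlib.sha256(b"ta-keystore-v1.0").digest(),
    hashlib.sha256(b"ta-payment-v2.3").digest(),
    hashlib.sha256(b"ta-drm-v0.9").digest(),
    hashlib.sha256(b"tee-os-core-v4.1").digest(),
    hashlib.sha256(b"ta-biometric-v1.2").digest(),
]


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def leaf_hash(measurement: bytes) -> bytes:
    # 0x00 prefix: domain separation so a leaf can never be confused with an
    # interior node (blocks second-preimage attacks on the tree structure).
    return _h(b"\x00" + measurement)


def node_hash(left: bytes, right: bytes) -> bytes:
    # 0x01 prefix marks an interior node.
    return _h(b"\x01" + left + right)


def _pad(level: list) -> list:
    # Odd-sized levels duplicate their last node so every node has a sibling.
    return level + [level[-1]] if len(level) % 2 else level


def build_tree(measurements: list) -> list:
    """Return all levels, level 0 = leaf hashes, last level = [root]."""
    level = [leaf_hash(m) for m in measurements]
    levels = [level]
    while len(level) > 1:
        padded = _pad(level)
        level = [node_hash(padded[i], padded[i + 1]) for i in range(0, len(padded), 2)]
        levels.append(level)
    return levels


def merkle_root(measurements: list) -> bytes:
    return build_tree(measurements)[-1][0]


def inclusion_proof(measurements: list, index: int) -> list:
    """Sibling hashes from leaf `index` up to the root, each tagged with
    whether the sibling sits on the right of the current node."""
    proof = []
    for level in build_tree(measurements)[:-1]:
        padded = _pad(level)
        sibling = index ^ 1
        proof.append((padded[sibling], index % 2 == 0))
        index //= 2
    return proof


def verify_inclusion(root: bytes, measurement: bytes, proof: list) -> bool:
    """Verifier side: recompute the path from one measurement to the root."""
    h = leaf_hash(measurement)
    for sibling, sibling_is_right in proof:
        h = node_hash(h, sibling) if sibling_is_right else node_hash(sibling, h)
    return h == root


def attest_against_reference(reported_root: bytes, reference_measurements: list) -> bool:
    """Verifier side: accept the attester's reported root only if it equals
    the root computed from the verifier's own reference values."""
    return reported_root == merkle_root(reference_measurements)


if __name__ == "__main__":
    root = merkle_root(MEASUREMENTS)          # attester's evidence
    print("root:", root.hex())
    print("matches reference:", attest_against_reference(root, MEASUREMENTS))
    proof = inclusion_proof(MEASUREMENTS, 2)
    print("ta-drm included:", verify_inclusion(root, MEASUREMENTS[2], proof))
    tampered = MEASUREMENTS[:2] + [hashlib.sha256(b"ta-drm-MODIFIED").digest()] + MEASUREMENTS[3:]
    print("tampered device accepted:", attest_against_reference(merkle_root(tampered), MEASUREMENTS))
```

The verifier never needs the component images themselves, only their reference hashes: a single 32-byte root summarises every measured component, and any altered or substituted component changes the root. The inclusion proof lets a verifier check one component against the root with a logarithmic number of hashes, which is what makes the structure practical for per-component checks on constrained devices.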