The idea was to take advantage of TrustZone technology so that the non-critical part of the Key Management System (KMS) runs in the non-secure world while the sensitive cryptographic operations are executed in the TEE. To achieve this, a new backend for the cryptographic service was developed that uses the TEE supplicant instead of LibreSSL or a hardware HSM, as is the case with the existing backends.
The secure part of the application, running in OP-TEE, then proxies the cryptographic operation to the TPM. The TPM is used to store the master key and perform critical signature operations, thus allowing a maximal level of security at this stage. This way, even in case of physical access to the system, an attacker would have more difficulty retrieving the private keys.
The software stack is a minimal Linux system built with Poky, a reference distribution of Yocto Linux.
The cryptographic service is the main component of this project. It consists of a KMS developed by CYSEC in a micro-service architecture. The KMS is composed of a broker, a cryptographic service and a management tool, all written in Rust.
In a nutshell, the project included the achievement of the following tasks:
With this project, CYSEC has developed a distribution of its ARCA Trusted OS suitable for embedded devices.
Based on the results of SEGWAY, real-life applications have already been identified and deployed in multiple fields: