Breaking Samsung's ARM TrustZone

Presented at Black Hat USA 2019, Aug. 8, 2019, 5 p.m. (60 minutes)

The increasing popularity of connected devices in recent years has led manufacturers to put a greater emphasis on security, finding themselves in need of robust designs that would protect their users.

From these requirements emerged the ARM TrustZone, a system-wide hardware isolation technology. It introduces a trusted Secure World that can process code and data while ensuring their integrity and confidentiality. This Secure World can also watch over the user-controlled (and therefore untrusted) Normal World to verify its integrity, similarly to the mechanism implemented in Samsung's TIMA.

It can also access hardware peripherals, such as keyboards, screens, or crypto-processors in a secure and isolated manner to create trusted UIs, implement DRMs, etc. All the sensitive data and the critical interruptions are directly handled by the Secure World without ever passing through the Normal World.

However, the usage of this technology comes at a cost. By widening the attack surface and exposing privileged components, TrustZone can potentially introduce a single point of failure that allows the compromission of the entire system.

Using Samsung's TrustZone implementation as a target, this presentation explains and demonstrates how this new attack surface can be leveraged to hijack and exploit trusted components. After explaining the internals and interactions of these components developed by Samsung, different vulnerabilities will be detailed and exploited to execute code at EL3, the highest privilege level on an ARM-based system.

Presenters:

• Joffrey Guilbon - Security Engineer, Quarkslab
  Joffrey Guilbon is a Security Researcher at Quarkslab working on mobile and embedded systems. His usual work includes low-level systems, reverse engineering (on several targets such as operating systems, trusted execution environment components, secure boot implementations, bootroms, etc.), vulnerability research, binary exploitation, and tools development to ease things out. In his free time he enjoys participating in Capture The Flag (CTF) competitions and in open-source projects (IDArling for example).
• Alexandre Adamski - Security Engineer, Quarkslab
  Alexandre Adamski is working at Quarkslab in the Data Analysis team. As an R&D engineer, his work includes reverse engineering, low-level systems, vulnerability exploitation, and his all time favorite: tools development. In his free time, he develops open-source tools and plugins (IDArling, AMIE, etc).
• Maxime Peterlin - Security Engineer, Quarkslab
  Maxime Peterlin is a Security Researcher working in Quarkslab's embedded & hardware team. His day-to-day work includes reverse engineering, studying low-level systems, vulnerability research, binary exploitation, and tools development. Occasionally, he enjoys participating in Capture the Flag competitions and pursuing his research during his own time.

Links:

• https://www.blackhat.com/us-19/briefings/schedule/#breaking-samsungs-arm-trustzone-14932
• https://infocon.org/cons/Black Hat/Black Hat USA/Black Hat USA 2019/Breaking Samsung's ARM TrustZone.mp4
• https://infocon.org/cons/Black Hat/Black Hat USA/Black Hat USA 2019/Breaking Samsung's ARM TrustZone.en.transcribed.srt (subtitles)
• https://www.youtube.com/watch?v=uXH5LJGRwXI

Similar Presentations:

• Black Hat Asia 2020 Virtual / May the Trust be with You: Empowering TrustZone-M with Multiple Trusted Environments
• Black Hat USA 2014 / Reflections on Trusting TrustZone
• Black Hat USA 2022 / Trust Dies in Darkness: Shedding Light on Samsung's TrustZone Keymaster Design