Tamas Ban
Principal Software E...
Arm
Standard Ticket
I have been working on secure and measured boot and attestation solutions in the past years in several tf.org projects (MCUboot, TF-A, RMM).
Talks
MAD24-415 Enabling mobile trust thanks to DPE/DICE in Android
Session
- Friday, 17 May 12:05 - 12:30
- Room: Session 3 | Tenerife II
The DICE attestation scheme is used in Android pVMs to establish trust towards the device. The DPE spec enhances the original idea to move all the related computation into a secure enclave to enforce HW protection. ARM's RSE IP has the required security attributes to host a DPE service. The DPE service (hosted by RSE) was developed within the firmware team and it has been integrated with the wider firmware space (TF-A, U-Boot) and with the software stack of Android pVMs. The goal is to give an overview of the work done and promote the DPE-based attestation solution.