MAD24-415 Enabling mobile trust thanks to DPE/DICE in Android

Session

Security

  • Friday, 17 May 12:05 - 12:30
  • Room: Session 3 | Tenerife II

The DICE attestation scheme is used in Android pVMs to establish trust in the device. The DPE specification extends the original idea by moving all of the related computation into a secure enclave to enforce hardware protection. Arm's RSE IP has the security attributes required to host a DPE service. The DPE service (hosted by RSE) was developed within the firmware team and has been integrated with the wider firmware space (TF-A, U-Boot) and with the software stack of Android pVMs. The goal is to give an overview of the work done and to promote the DPE-based attestation solution.


Presented by

Tamas Ban
Principal Software Engineer at Arm
I have been working on secure and measured boot and attestation solutions in the past years in several tf.org projects (MCUboot, TF-A, RMM).