Play all

Intro

The Internet of Things is Here

How Do We Store Things Securely?

SoC Security Features

What is OP-TEE?

Outline

OP-TEE New Platform Bring-up

Background

RNG Driver Plan

Crypto RNG API

Basic Driver Implementation

Configuration

HW Crypto Accelerators

crypto hash.ops

Peek into alloc

What is drvcrypt?

drvcrypt flow

Initialization and Registration

HW Alloc Implementation

HW Context Struct

Accessing OP-TEE From Linux

Trusted Application

What is a TEE Operation?

What are TEE Objects?

Minimal TA Interface II

Minimal AES code

Minimal Example Caveats

Building a Secure Storage System

Storage Application Flow

Slot Ops

Opening a Slot

Remaining TA Pieces

Linux Userspace Access Library

Linux kernel Integration

struct cipher alg

OpenSSL Integration

PKCS#11

Summary

Description:

Explore the use of OP-TEE as a cryptography engine in this comprehensive conference talk. Delve into the challenges of secure storage in the Internet of Things era and learn about SoC security features. Discover the fundamentals of OP-TEE, including new platform bring-up, RNG driver implementation, and hardware crypto accelerators. Examine the process of accessing OP-TEE from Linux, understanding Trusted Applications, and implementing minimal AES code. Gain insights into building a secure storage system, including storage application flow and slot operations. Investigate Linux userspace access libraries, kernel integration, and OpenSSL integration. Conclude with a summary of key takeaways for implementing OP-TEE as a robust cryptography solution.

Using OP-TEE as a Cryptography Engine

Linux Foundation

Add to list

#Computer Science #Cryptography #Internet of Things #AES #OpenSSL #Information Security (InfoSec) #Cybersecurity #Trusted Execution Environment #OP-TEE