Updated on 8th January, 2018
On January 3rd 2018, Google Project Zero published their findings about potential cache timing side-channels that exploit speculative execution in processors. Three variants of the issue may affect many modern processors, including ARM-based processors:
- Variant 1 – CVE-2017-5753: bypassing software checking of untrusted values
- Variant 2 – CVE-2017-5715: forcing privileged speculation by training branch predictors
- Variant 3 – CVE-2017-5754: using speculative reads of inaccessible data
These variants are also known as:
- Spectre (variants 1 and 2)
- Meltdown (variant 3)
These side-channels might be used by malicious software installed on a device to gather sensitive data from an unprivileged context. Depending on the variant, a target could be an operating system kernel, a hypervisor or another process running on the same device. No exploit has been demonstrated that enables malicious software running in the ‘rich operating system’ to target code running in ARM TrustZone. For a deeper technical understanding of these side channels, Trustonic recommends reading the ARM whitepaper (available at https://developer.arm.com/support/security-update).
Trustonic has been working with the processor community to analyze potential attacks based on these vulnerabilities and to develop potential mitigations in advance of the public disclosure. Overall, following strong security architecture principles, Trustonic can state that applications and security assets running in Trustonic's TEE, Kinibi, have a relatively low exposure. This is because Kinibi's micro-kernel architecture ensures that the most sensitive assets are stored in separate processes, rather than in a single location.
Trustonic has scanned all of its software using current state-of-the-art detection tools and has not identified any existing instances of the vulnerable code pattern for Spectre variant 1.
For all three variants, Trustonic will continue to analyze its code on an ongoing basis and to further strengthen the codebase against these and other potential attacks. Trustonic will work with the relevant processor and device vendors to mitigate any potential risk.
Trustonic would advise partners to run analysis tools over their own code, whether it runs in the TEE or elsewhere, since the Spectre variant 1 pattern can appear in any software callable by a potentially malicious agent.
ARM recommends the following approach:
- Search your code for the vulnerable code patterns described in the Cache Speculation Side Channels whitepaper.
- Use the compiler support for mitigations, as described in the Compiler Support for Mitigations section of that whitepaper, to modify any vulnerable sections identified, and recompile using the secure primitives.
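To make the two steps above concrete, here is an added example (not code from Trustonic, ARM or the whitepaper) of what a variant 1 finding looks like and how the same function reads once hardened. The vulnerable shape is an untrusted index, a bounds check, and a memory access that depends on the checked value; the hardened version keeps the check but also clamps the index with a branchless mask, modelled on the generic `array_index_mask_nospec()` idiom used in the Linux kernel, so that a speculatively executed out-of-range index still cannot reach past the array. The tables and their contents are constructed for the example; the mask is a portable stand-in for the compiler primitive the whitepaper describes, and the empty inline `asm` (GCC/Clang syntax) only prevents the optimizer from deleting the mask as redundant.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed sample data for this example (not from the advisory). */
#define TABLE_LEN 16
static const uint8_t table[TABLE_LEN] = {
    10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25
};
/* A second, data-dependent access: this is the part of the pattern that
   turns a speculative out-of-bounds read into an observable cache effect. */
static const uint8_t second_table[2] = { 0xAA, 0x55 };

/* Vulnerable shape to search for (variant 1): architecturally correct,
   because the bounds check is honoured before the result is used, but the
   CPU may speculate past the check and issue both loads with an
   out-of-range index before the misprediction is resolved. */
uint8_t lookup_bounds_checked(size_t untrusted_idx)
{
    if (untrusted_idx >= TABLE_LEN)
        return 0;
    uint8_t value = table[untrusted_idx];
    return second_table[value & 1];
}

/* Branchless mask: all ones when idx < len, all zeros otherwise.
   Computed without a conditional branch, so it holds under speculation too. */
static inline size_t index_mask_nospec(size_t idx, size_t len)
{
    /* Hide idx from the optimizer: after the preceding range check the
       compiler "knows" idx < len and would otherwise drop the mask. */
    __asm__("" : "=r"(idx) : "0"(idx));
    /* If idx < len, both idx and (len - 1 - idx) have the top bit clear,
       so ~(...) has it set and the arithmetic shift yields all ones.
       If idx >= len, (len - 1 - idx) wraps and sets the top bit, the
       complement clears it, and the shift yields zero. */
    return (size_t)(~(ptrdiff_t)(idx | (len - 1 - idx))
                    >> (sizeof(ptrdiff_t) * 8 - 1));
}

/* Hardened form: same interface and same architectural result, but the
   index used for the dependent loads is forced to 0 whenever it is out of
   range, including on a mispredicted path. */
uint8_t lookup_hardened(size_t untrusted_idx)
{
    if (untrusted_idx >= TABLE_LEN)
        return 0;
    untrusted_idx &= index_mask_nospec(untrusted_idx, TABLE_LEN);
    uint8_t value = table[untrusted_idx];
    return second_table[value & 1];
}

/* Returns 1 when the hardened lookup agrees with the plain one on every
   in-range index, i.e. the mitigation changed nothing architecturally. */
int hardened_matches_plain(void)
{
    for (size_t i = 0; i < TABLE_LEN; i++)
        if (lookup_hardened(i) != lookup_bounds_checked(i))
            return 0;
    return 1;
}
```

When reviewing findings from a pattern scanner, the question to ask at each hit is whether the index is attacker-controlled and whether anything after the check dereferences memory based on it; if both hold, apply the mask (or the compiler primitive the whitepaper names) between the check and the first dependent load, as above.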
TrustZone has been demonstrated over the years to be an effective barrier against scalable attacks and continues to be so. As is common in the software and hardware security domain, research is progressing and is finding new variants of potential vulnerabilities. Kinibi is developed by a team of security experts, who constantly monitor for such vulnerabilities and enhance the solution with countermeasures to prevent them from becoming exploitable. This need for constant re-assessment and mitigation is true of all hardware and software security solutions and Trustonic follows industry best practices to keep ahead of the attackers.
In addition, the white box cryptography protection included in the Trustonic Application Protection (TAP) solution is not affected at all by Spectre and Meltdown and, as such, remains a robust solution against them. This is because it randomizes and distributes the code and data in memory and therefore ensures that, even if an attacker can gain access to the memory used by an Android or iOS process, the attacker cannot easily retrieve the sensitive keys within it.