Trusted User Inputs - Getting input from a user without letting the OS know about it

Art der Arbeit:

Studien-/Bachelor-/Diplom-/Masterarbeit

Betreuer:

Bove, Davide
Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen)
E-Mail: davide.bove@fau.de

Beschreibung der Arbeit:

With the development of Trusted Execution Environments, the security of external peripherals is becoming more and more interesting as they offer a wider attack surface. Especially with input peripherals, strong attackers can fake inputs, perform critical actions or simply eavesdrop on user input and get secrets.

In this thesis we will implement a secure framework that allows users to interact with secure apps. This interaction will be protected such that strong attackers might not be able to read, manipulate or block it. In addition we provide an indicator for the user to assess if the current interaction is genuine and secure. For this we will use a hardware board (e.g. Arty A7 [1]) with a RISC-V [2] core and a TEE solution (HexFive MultiZone [3] or Keystone Enclave [4]) and extend these solutions to protect memory-mapped peripherals.

(1) https://digilent.com/reference/programmable-logic/arty-a7/start
(2) https://en.wikipedia.org/wiki/RISC-V
(3) https://hex-five.com/multizone-security-sdk/
(4) https://keystone-enclave.org/

Vorausgesetzte Vorlesungen bzw. Kenntnisse:

• Intermediate experience with C or C++ or Rust is recommended.

• Experience with build systems (make, cmake) and using compilers is helpful.

Bearbeitungszustand:

Die Arbeit ist bereits abgeschlossen.
Bearbeiter:	David Stengel
Abgegeben am:	15.08.2022