# ProtecTeeSIM
> Threat modelling of consumer telecommunications hardware and cryptographic operations
## :rocket: Project Overview
This proposal outlines a comprehensive study of Trusted Execution Environments (TEEs), with a specific focus on [eSIMs](https://en.wikipedia.org/wiki/ESIM) (embedded Subscriber Identity Modules). An eSIM is an embedded secure element within a mobile device dedicated to handling SIM functions in a secure, isolated environment. The experiments aim to identify and address critical security concerns in eSIM management, storage, and activation. According to [GSMA Intelligence](https://www.gsmaintelligence.com/), _by the end of 2025, there are expected to be around 1 billion eSIM smartphone connections globally. While the advantages of eSIM technology are now evident, it's crucial to recognize the security concerns in eSIM management – with software attacks being one of the most pressing concerns in ensuring the privacy of sensitive subscriber data._<br>
TEEs are widely relied upon for security guarantees across industries such as finance, telecommunications, cryptography, and identity systems. However, there is a lack of comprehensive understanding of their capabilities, limitations, and vulnerabilities. This study aims to address this gap by systematically evaluating TEE implementations, identifying attack surfaces, and proposing effective mitigations to enhance their security.<br>
The study lays its foundation by attempting to break the eSIM itself (“GP-TEE?”) and simultaneously contributes to the design of [OpenRSP](https://github.com/GMMS-Labs/OpenRSP-SBC25-WIP). Open Source Remote SIM Provisioning (OpenRSP) is an initiative to open-source the existing Remote SIM Provisioning protocol using state-of-the-art cryptography, smart contracts and TEEs. The project has already been under R&D for the past 3 months.
The results will contribute to improving a telco protocol relied on by **everyday users**, and awareness will be spread via blogs, forum posts, newsletters, tweets and other media.
## :book: Project Details
This project investigates the application of Trusted Execution Environments (TEEs) in enhancing telecommunication security, with a specific focus on eSIM management and cryptographic protocols. By conducting rigorous experiments, the study aims to uncover vulnerabilities, evaluate mitigations, and provide actionable recommendations to improve the security of TEE implementations. The research goal is to evaluate how TEEs can protect sensitive data, enable secure authentication, and enhance cryptographic operations.
Central to the study is the secure handling of eSIM profiles, including their storage, activation, and management within the TEE. By leveraging platform-specific cryptographic storage APIs, the experiments will explore methods to isolate eSIM data from non-secure processes and protect against unauthorized access. The research will also assess how TEEs generate, store, and manage cryptographic keys for tasks such as certificate provisioning and secure communication, with a focus on analyzing access controls and resilience to external threats.
A key component of this research is the performance evaluation of TEEs during cryptographic computations, including signature generation, encryption, and secure key handling. The study will also examine the feasibility of introducing alternate eSIM profile formats, assessing compatibility and error-handling within the TEE, with countermeasures to subversions. By addressing these critical aspects, the project aims to advance the understanding of TEE capabilities, identify potential vulnerabilities, and contribute to more secure telecommunication protocols and cryptographic practices.
This grant will support the project by facilitating the purchase of necessary equipment, licenses and resources required for R&D and publishing results of the study. The project proposal is designed to adhere to milestone timelines with flexible deliverables for each milestone. Specific details are provided in the roadmap section. **The project is aimed as a public-good study of TEEs. The study is non-profit and the team commits to publish all findings along with development resources/codebases under a free-use open source license.**
:::success
**ANNEX A** explains motivations, impact and challenges of the study in more detail.
:::
### :diamonds: TEAM
- **[Tanmay Goel](https://www.linkedin.com/in/tanmay-goel-59a1981b5/)**
- **Role**: Project Lead
- **Responsibilities**: Manage tasks, timeline, risks, and project roadmap. Conduct necessary research, develop experiments, and present findings.
- **Experience**:
- Bachelor's in Electronics and Communication Engineering from IIIT Guwahati, India.
- 5+ years of experience in computer architecture R&D and hardware-software co-design.
- Ex-CPU Verification Engineer at Nvidia, working on performance micro-architecture of cutting-edge data-center CPUs.
- Research internships at I.I.T. Jodhpur and I.I.T. Ropar, focusing on DRAM and GDDR memory technologies, resulting in peer-reviewed publications.
- Co-Founder of GMMS Labs.
- **Relevant Work**:
- https://www.sciencedirect.com/science/article/abs/pii/S0141933122002411
- https://ieeexplore.ieee.org/abstract/document/9424339
- https://substack.com/home/post/p-158395043?source=queue
- **[Arpit Kumar](https://github.com/ArpitxGit)**
- **Role**: Applied Cryptography Engineer
- **Responsibilities**: Establish cryptographic setups and modules to define the eSIM mechanisms for the experiments, advise on methodology, and contribute to research and writing of findings.
- **Experience**:
- Bachelor's in Electronics and Communication Engineering from IIIT Guwahati, India.
- 3+ years of experience in decentralized application development and applied cryptography.
- Co-Founder of GMMS, with expertise in modern telecommunication and cryptographic protocols.
- **Relevant Work**:
- Key cryptographic aspects/encryption/algorithms/protocols used in Mobile Communication https://github.com/ArpitxGit/Blockchain-Powered-eSIM/wiki/Cryptography
- Protocols, Users' Cryptographic Identities and Keys in 5G networks https://github.com/ArpitxGit/Blockchain-Powered-eSIM/wiki/Protocols,-Users'-Cryptographic-Identities-and-Keys-in-5G-networks
- Security Weakness in 4G and Improvements in 5G respectively https://gist.github.com/ArpitxGit/d30525f398ca4ac6427c2d86cc890fe0
- Applied Cryptography Bootcamp https://github.com/ArpitxGit/sparkling_water_bootcamp
- Rust codebase of X.509 Certs to improve chain of trust by introducing proving https://github.com/GMMS-Labs/zkCX
- Notes on TEEs from Andrew Miller https://dungexn.notion.site/Episode-339-TEEs-with-Andrew-Miller-037ebb4df14541fb92b649ba7e9c68a9?pvs=4
- **Embedded Engineer (To Be Hired)**
- **Role**: Embedded Systems and Low-Level Software Security Expert
- **Responsibilities**: Conduct research and experimental analysis, advise on low-level attack vectors (e.g., OS privilege escalation, speculative attacks), and assist in overcoming technical roadblocks.
- **Qualifications**: Expertise in low-level software security, binary analysis, reverse engineering, and hardware-software co-design. Experience with ARM TrustZone, Intel SGX, or similar TEE implementations is preferred.
- **Part-Time Assistant (To Be Hired)**
- **Role**: Experimental Support and Content Contributor
- **Responsibilities**: Assist in running experiments, collect and present results, and contribute to drafting writeups, papers, and other materials.
- **Qualifications**: Strong understanding of hardware-software co-design experimental setups and experience in technical writing. Familiarity with TEEs or cryptographic protocols is a plus.
> Github Organisation Page - https://github.com/orgs/GMMS-Labs/repositories
### :diamonds: Equipment
The equipment list for TEE experiments includes essential hardware like desktop computers, mobile devices (iOS and Android), smart cards, networking tools, and debuggers, alongside critical software such as ARM Development Studio, Android Studio, Xcode, and reverse engineering tools like IDA Pro and Ghidra. These tools and devices are necessary for developing test environments, conducting penetration testing, reverse engineering, and evaluating TEE implementations across various experiments.
:::success
A detailed equipment list with use cases and cost estimate is provided in **ANNEX C** of this proposal.
:::
## :dart: Project Road-map
This grant proposal follows a milestone-based roadmap, with experiments divided into two categories: eSIM Management and Cryptographic Operations. Each milestone will result in a detailed experiment report, including setup, methodology, results, and actionable improvements. All findings and codebases will be published as open-source contributions, ensuring transparency and public benefit.
### :diamonds: Milestones
#### Category 1 : eSIM Management
1. **eSIM Profile Management and Cryptographic Secure Storage (2 months)**
2. **Certificate Handling with key pair generation and protection (2 months)**
3. **eSIM Authentication and Provisioning (2 months)**
4. **Secure Communication Channels for eSIM Management (2 months)**
5. **Real-time eSIM profile validation and status checks (1 month)**
#### Category 2 : Cryptographic Operations
- **Certificate Handling with key pair generation and protection (1 month) <br> [_Planned as a complementary extension of experiment 2 with a broader cryptographic scope_]**
6. **Passkey security analysis for synced and non-synced keys (2 months)**
7. **Key Injection/Generation (2 months)**
8. **Malware Injection (1 month)**
9. **Cryptographic Compute (1 month)**
10. **Attestation for ID, compute and transactions (2 months)**
### :diamonds: Deliverables
The project will produce the following deliverables:
- Research Summaries: Comprehensive documentation of all research conducted, including methodologies, findings, and insights.
- Experimental Codebases: Open-source codebases for all experimental setups, published under a free-use license.
- Raw Findings & Evaluation: Benchmarks, attack vectors, mitigations, and other raw data collected during experiments.
- Actionable Recommendations: Guidelines and recommendations for improving TEE security, based on experimental results.
- Presentations and Publications: Public presentations, blog posts, forum contributions, and peer-reviewed publications to disseminate findings.
:::success
A detailed experiment list with objectives, experiments and evaluation criteria is provided in **ANNEX B** of this proposal.
:::
:::warning
**Risk Mitigation**:
To address potential risks, the project may adopt the following mitigation strategies:
- Deferred Experiments: Defer some experiments to future work according to the prioritisation given in ANNEX B.
- Additional Funding: Secure supplementary funding to cover unforeseen expenses or delays.
- External Collaboration: Recruit industry experts and research outfits for specialized tasks or advisory roles.
- Task Delegation: Delegate non-core tasks (e.g., content writing, administrative work) to external contractors or part-time staff.
- Contingency Planning: Maintain a flexible timeline and budget to accommodate unexpected challenges.
:::
:::info
**Responsible Disclosure**:
- All vulnerabilities discovered during the study will be responsibly disclosed to relevant vendors and stakeholders before public release.
- The study is committed to public-good outcomes, with all findings and codebases published under open-source licenses.
- The team will ensure that findings are presented in a way that minimizes the risk of misuse by malicious actors.
- Detailed exploit techniques will be shared only with trusted entities (e.g., vendors, researchers) during the disclosure process and published openly only after patches are released, so that deployable attacks are already mitigated.
- All ethical guidelines and disclosure policies (as needed) will be clearly documented and adhered to throughout the project.
:::
### :diamonds: Budget
- Total estimated duration: 9 months (9 × 4 weeks)
- Full-time equivalent (FTE): 2 × full-time + 2 × part-time = 3 FTE
- Equipment: 10K USD
- Indirect costs: ~5%
- Total cost: 270K (for FTE) + 10K (for equipment) + 15K (for indirect costs) = 295K
This budget ensures the necessary resources for conducting rigorous experiments, publishing findings, and contributing to the broader cybersecurity community.
# ANNEX A: Breaking TEEs
Research on Trusted Execution Environments (TEEs) is inherently challenging due to the intersection of hardware, software, and cryptographic security, requiring a high level of expertise across multiple domains. TEEs are designed to provide isolated, secure environments for sensitive computations, often leveraging hardware features like Intel SGX, ARM TrustZone, or AMD SEV. This complexity arises from the need to understand low-level hardware architectures, operating systems, and advanced cryptographic protocols, as well as the ability to identify and exploit subtle vulnerabilities in these systems.
The security of TEEs relies on intricate design choices, and even minor flaws can lead to catastrophic breaches. Researchers must navigate opaque proprietary technologies, limited documentation, and the constant evolution of TEE implementations, which are frequently updated to patch vulnerabilities. Additionally, TEE research often requires specialized equipment, such as hardware debuggers or custom tools, and access to expensive hardware platforms, making it resource-intensive. The process of reverse engineering, vulnerability discovery, and proof-of-concept development is time-consuming, often requiring months or years of dedicated effort.
Despite these challenges, pursuing TEE security research offers significant benefits. It advances the state of the art in secure computing, enabling safer systems for sensitive applications like financial transactions, confidential computation and secure identity systems. By uncovering vulnerabilities, researchers contribute to the hardening of TEEs, making them more resilient against real-world attacks. Furthermore, this research has high academic and industrial impact, often leading to groundbreaking discoveries, publications, and collaborations with leading manufacturers to implement findings. TEE security research not only enhances global cybersecurity but also positions researchers at the forefront of a critical and rapidly evolving field.
## **Motivations for the Study**
### **Secure Computation**
The primary motivation for this study is to explore the security of TEEs and the ways their protections can be subverted, with a focus on secure computation, cryptography, and identity systems. By uncovering vulnerabilities and proposing mitigations, the study aims to strengthen the trustworthiness of TEEs in critical applications.
* **Improving Trust in Secure Enclaves**: By identifying and addressing vulnerabilities in TEEs, researchers can enhance the reliability of secure enclaves, which are critical for privacy-preserving computations in areas like federated learning, multi-party computation, and confidential cloud computing.
* **Ensuring Data Integrity**: TEE-breaking studies help uncover flaws that could compromise the integrity of computations, ensuring that sensitive data processed in TEEs remains tamper-proof and accurate.
* **Enabling Safer Outsourcing**: Secure computation often relies on TEEs to outsource sensitive tasks to untrusted environments. Breaking studies ensure these environments are truly secure, enabling safer adoption of outsourcing models.
* **Advancing Privacy-Preserving Technologies**: Vulnerabilities in TEEs can undermine privacy-preserving technologies like homomorphic encryption or secure multi-party computation. Research in this area strengthens the foundation of these technologies.
### **Cryptography**
* **Validating Cryptographic Assumptions**: TEEs often rely on cryptographic primitives for secure key storage, attestation, and data encryption. Breaking studies test the robustness of these implementations, ensuring they meet theoretical security guarantees.
* **Strengthening Attestation Mechanisms**: TEEs use cryptographic attestation to prove their integrity. Breaking studies help identify weaknesses in attestation protocols, ensuring they cannot be spoofed or manipulated.
* **Improving Key Management**: TEEs are often used to manage cryptographic keys. Research into their vulnerabilities ensures that keys remain secure, even in the face of sophisticated attacks.
* **Exposing Side-Channel Vulnerabilities**: Many TEE vulnerabilities arise from side-channel attacks (e.g., timing, power analysis). Research in this area helps develop countermeasures to protect cryptographic operations within TEEs.
### **Identity Systems**
* **Securing Digital Identities**: TEEs are increasingly used in identity systems (e.g., biometric authentication, digital passports). Breaking studies ensure that these systems cannot be compromised, protecting users' identities from theft or misuse. [The precedent for using TEEs (and more specifically eUICCs) for Digital Identity has already been set by the EU for their European Digital Identity (EUDI) Wallet](https://www.enisa.europa.eu/publications/public-consultation-on-specifications-for-euicc-certification-under-the-eucc-scheme).
* **Preventing Identity Spoofing**: Vulnerabilities in TEEs could allow attackers to spoof identities or bypass authentication mechanisms. Research in this area helps prevent such attacks, ensuring the integrity of identity systems.
* **Enhancing Privacy in Identity Verification**: TEEs are used in privacy-preserving identity verification systems (e.g., zero-knowledge proofs). Breaking studies ensure these systems remain secure and private.
* **Building Trust in Decentralized Identity Systems**: Decentralized identity systems (e.g., blockchain-based identity) often rely on TEEs for secure key storage and attestation. Research ensures these systems are resilient to attacks, fostering trust in decentralized identity frameworks.
### **Broader Impact**
* **Driving Industry Standards**: TEE-breaking studies often lead to the development of new security standards and best practices, raising the bar for secure hardware and software design.
* **Encouraging Transparency**: By uncovering vulnerabilities, researchers push vendors to adopt more transparent and open designs, reducing reliance on security through obscurity.
To analyse or exploit vulnerabilities in TEEs, researchers and attackers employ a combination of software and hardware-based approaches. These include:
## **Software-Based Approaches**
1. **Exploitation of Vulnerabilities in TEE APIs**
- Analyse exposed APIs for weaknesses, such as lack of proper validation, buffer overflows, or privilege escalation bugs.
- Tools like fuzzers (e.g., AFL, libFuzzer) can automate the discovery of such flaws.
2. **Privilege Escalation in the Normal World**
- Gain root access in the normal OS to elevate privileges and attempt to interact directly with the TEE driver or kernel interfaces.
3. **Side-Channel Analysis (Software Implementation)**
- Analyse execution time, cache behaviour, or power consumption indirectly through the normal world to infer secure-world operations.
4. **Reverse Engineering Secure Applications**
- Reverse engineer Trusted Applications (TAs) or firmware for flaws. Tools like IDA Pro, Ghidra, and binary analysis libraries can be used for this.
5. **Firmware or Driver Bugs**
- Look for bugs in the TEE firmware or its integration in the host system, such as improper memory mapping, race conditions, or data leaks.
## **Hardware-Based Approaches**
1. **Glitch Attacks**
- **Voltage Glitches:** Manipulate the device’s power supply to cause faults in secure-world execution.
- **Clock Glitches:** Disrupt clock signals to cause malfunctions during critical operations.
2. **Side-Channel Attacks**
- Analyse electromagnetic (EM) emissions, acoustic signals, or power usage to infer information about TEE operations.
- Cache Timing Attacks: Exploit cache behavior to infer sensitive information (e.g., cryptographic keys) from TEE operations.
- Use tools like oscilloscopes and EM probes for data capture.
3. **Fault Injection**
- Use laser fault injection or electromagnetic pulses to alter the behaviour of the TEE during execution.
4. **Physical Extraction of Keys**
- Decap the chip and use focused ion beams (FIB) or scanning electron microscopes (SEM) to extract stored cryptographic keys.
5. **Cold Boot Attacks**
- If the TEE leverages DRAM for temporary storage, data can be captured after a sudden power-off, exploiting the DRAM remanence effect.
6. **Probing the Communication Interface**
- Intercept and analyze communication between the normal world and the secure world, typically through shared memory or specific buses like SPI, I2C.
## **Combined Approaches**
* **Combining Software Vulnerabilities with Hardware Faults**
* Exploit a software vulnerability to gain partial access, then use hardware-based fault injection to escalate or deepen access.
* **Remote + Local Exploitation**
* Use remote attacks (e.g., network fuzzing) to gain initial foothold and then leverage local hardware or software flaws for full compromise.
## **Defensive Considerations**
To mitigate these attack vectors, developers and researchers working with TEEs must adopt the following defensive strategies:
* Continuously audit and fuzz TEE APIs.
* Employ runtime protections like Address Space Layout Randomization (ASLR) for the TEE.
* Use tamper-resistant hardware designs.
* Monitor for emerging attack techniques and patch vulnerabilities promptly.
# ANNEX B: Experiment List
1. **eSIM Profile Management and Cryptographic Secure Storage**
- **Objective**: Securely manage and store eSIM profiles using the TEE.
- **Experiment**:
- Use TEE storage to save test/dummy eSIM profile data.
- On Android, leverage the StrongBox or Keystore APIs for isolated cryptographic storage.
- On Apple, use the Secure Enclave to store eSIM data cryptographically, examining how to securely access and store profiles in the keychain.
- **Evaluation**: Test the protection of eSIM profiles by attempting to access the data from a non-secure application process to verify isolation.
2. **Certificate Handling with Key Pair Generation and Protection**
- **Objective**: Test certificate management schemes for X.509 certificates for eSIM provisioning with TEE-secured key pairs.
- **Experiment**:
- Generate private-public key pairs in the TEE using Secure Enclave on iOS and StrongBox on Android, setting up a small PKI structure.
- Use these keys to sign/verify certificates required (SMDP, SMDS and eUICC) for eSIM management.
- Examine the difference in handling, particularly focusing on how Android’s Keymaster and Apple’s Secure Enclave manage certificate revocation lists (CRL) or OCSP status checks.
- **Evaluation**: Test the access control, inspecting the restrictions of the private key’s usage outside the TEE.
3. **eSIM Authentication and Provisioning**
- **Objective**: Perform eSIM authentication with TEE-based certificate or key validation.
- **Experiment**:
- Create a prototype for an eSIM provisioning application where sensitive authentication data is managed exclusively by TEE.
- Authenticate the eSIM via encrypted TEE-stored credentials on both Apple and Android.
- Integrate Open Mobile Alliance (OMA) APIs to handle eSIM profile selection, activation, or deactivation based on TEE-stored credentials.
- **Evaluation**: Simulate attacks to bypass the TEE in the authentication process to evaluate the security of the authentication flow.
4. **Secure Communication Channel Setup for eSIM Management**
- **Objective**: Set up a secure, TEE-backed communication channel for eSIM data transmission.
- **Experiment**:
- On both platforms, configure a secure communication channel using TEE-backed encryption (such as AES or ECDHE) for data exchange.
- Use TEE functions to exchange secure keys and then initialise a connection for profile management or provisioning operations (OpenRSP Profile Management experimental test flows).
- Observe if the TEE can maintain confidentiality when sharing sensitive eSIM data with the remote server.
- **Evaluation**: Test the encryption and decryption process for speed and security, ensuring that data leakage does not occur during transmission.
5. **Real-Time eSIM Profile Validation and Status Checking**
- **Objective**: Verify eSIM profile status in real-time through the TEE.
- **Experiment**:
- Develop an experiment that periodically validates the status of an active eSIM profile using cryptographic verification in the TEE, ensuring the status matches what is stored in the eSIM and comparing the profile state against its on-chain analogue.
- Utilise the secure timer and random number generation from the TEE to check if they add an extra layer of security when performing real-time status validation.
- **Evaluation**: Compare profile statuses for discrepancies and confirm that verification is consistent across different levels of network security.
6. **Passkey Security Analysis for Synced and Non-Synced Keys**
- **Objective:** Verify the integrity of passkey security for both cloud-synced and device-only passkeys.
- **Experiment:**
- Sign up for a passkey-based application login. The experiment consists of two variants of passkey-based sign-up: one using cloud-backed-up passkeys (iCloud Keychain on iOS and Google Password Manager on Android) and one in which cloud sync is off on the device and passkeys are stored only locally.
- Test different access scenarios for passkey-based login from the default app (such as repeated login, sign-in authentication, recovery flows) and check whether the private key for the passkeys is exposed outside the TEE.
- Analyse a malicious-application threat model in which the application tries to dump the passkey outside the TEE.
- Repeat the experiments with backups and cloud sync disabled for passkey services.
- **Evaluation:** Compare the security guarantees for passkeys in synced and non-synced cases and study the attack vectors possible in both cases.
7. **Key Injection/Generation**
- **Objective:** Use root access on the TEE to inject/create cryptographic keys and certificates in secure storage.
- **Experiment:**
- Use iOS/Android/external TEEs to generate cryptographic keys with different algorithms and primitives (RSA/ECDSA etc.) and study the possible applications for these keys.
- Try to inject keys generated outside the TEE environment into secure storage, assess the feasibility, and understand the access control for these keys from the perspective of both native and external applications.
- **Evaluation:** Test TEE capabilities in different implementations for cryptographic key generation and storage. Understand possible applications and security levels for access in different setups.
8. **Malware Injection**
- **Objective:** Set up the eSIM application on the device with a Subscription Profile provisioned onto the device's eUICC. Try to inject malicious code from external applications into the TEE to leak profile secrets or cryptographic keys.
- **Experiment:**
- Simulate and test the resilience of TEE against malware attempting to compromise secure data or processes.
- On Android, test with apps attempting to breach StrongBox or Keystore. On iOS, simulate access attempts to Secure Enclave.
- Monitor how the TEE isolates its processes from other parts of the operating system.
- Use Android’s SafetyNet or Apple’s runtime protections to detect malware signatures.
- Simulate attacks like privilege escalation or memory dumping to compromise TEE-protected resources.
- **Evaluation:** Determine whether the TEE correctly detects and prevents unauthorised access. Document failure points, if any, and the nature of those failures.
9. **Cryptographic Compute**
- **Objective:** Evaluate the performance and security of TEE for cryptographic computations of relevant protocols (ECDSA, PKI, Encryption etc)
- **Experiment:**
- Use the TEE to perform intensive cryptographic operations such as RSA signing, AES encryption, EC key generation and hashing.
- Compare cryptographic compute times inside and outside the TEE for operations like key agreement protocols (e.g., ECDH or ECDSA).
- Test the TEE’s ability to securely import and restrict the export of cryptographic keys used for high-security applications.
- Implement in-house access control features.
- **Evaluation:** Measure latency, energy consumption, and throughput of cryptographic operations. Assess security by attempting to extract intermediate computation data.
10. **Attestation for ID, Compute and Transaction Signatures**
- **Objective:** Use the TEE to generate attestations for device ID, computational integrity, and transaction signing.
- **Experiment:**
- Use the Android Hardware Attestation API or Apple’s DeviceCheck API to generate attestations of device authenticity
- Validate computation results (e.g., hash of an eSIM profile or cryptographic operation) signed by the TEE.
- Compare with the same computation performed outside the TEE to verify accuracy and integrity.
- Implement secure transaction signing using TEE-backed private keys.
- Test use in wallet or eSIM provisioning transactions, ensuring that the signed data remains tamper-proof and anonymous.
- **Evaluation:** Verify the validity and immutability of attestation data. Test for scenarios where attestation could fail or be spoofed and measure robustness.
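As an added example (not code from this proposal or from OpenRSP) of the key handling that experiments 2 and 10 plan to test on Android: it generates a P-256 signing key in StrongBox (falling back to the TEE-backed Keymaster when no secure element is present), reports which security level the key actually landed in and that its private material cannot be exported, signs inside the keystore, and returns the Android Key Attestation chain for a server-side verifier. It assumes Android API 31+ and a Kotlin app; the key alias and the attestation challenge are constructed values.

```kotlin
import android.security.keystore.KeyGenParameterSpec
import android.security.keystore.KeyInfo
import android.security.keystore.KeyProperties
import android.security.keystore.StrongBoxUnavailableException
import java.security.KeyFactory
import java.security.KeyPairGenerator
import java.security.KeyStore
import java.security.PrivateKey
import java.security.Signature
import java.security.cert.Certificate
import java.security.spec.ECGenParameterSpec

// Hypothetical alias for the experiment. The attestation challenge passed to
// generateHardwareKey() should be a fresh random nonce issued by the verifier.
private const val ALIAS = "protecteesim-exp2-signing-key"
private const val ANDROID_KEYSTORE = "AndroidKeyStore"

/**
 * Generate a P-256 signing key whose private half is created and kept inside
 * the hardware keystore. StrongBox is requested first; if the device has no
 * StrongBox secure element the key falls back to the TEE-backed Keymaster.
 * Returns true when the key is StrongBox-backed, false on TEE fallback.
 */
fun generateHardwareKey(challenge: ByteArray): Boolean {
    fun build(strongBox: Boolean): KeyGenParameterSpec =
        KeyGenParameterSpec.Builder(ALIAS, KeyProperties.PURPOSE_SIGN or KeyProperties.PURPOSE_VERIFY)
            .setAlgorithmParameterSpec(ECGenParameterSpec("secp256r1"))
            .setDigests(KeyProperties.DIGEST_SHA256)
            // Access control under test: the key is unusable while the device is locked.
            .setUnlockedDeviceRequired(true)
            // Ask Keymaster to embed this nonce in the attestation extension so the
            // verifier can bind the certificate chain to its own request.
            .setAttestationChallenge(challenge)
            .setIsStrongBoxBacked(strongBox)
            .build()

    val kpg = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_EC, ANDROID_KEYSTORE)
    return try {
        kpg.initialize(build(strongBox = true))
        kpg.generateKeyPair()
        true
    } catch (e: StrongBoxUnavailableException) {
        // No StrongBox on this device: retry with the TEE-backed Keymaster.
        kpg.initialize(build(strongBox = false))
        kpg.generateKeyPair()
        false
    }
}

private fun loadPrivateKey(): PrivateKey {
    val ks = KeyStore.getInstance(ANDROID_KEYSTORE).apply { load(null) }
    return ks.getKey(ALIAS, null) as PrivateKey
}

/** Report where the key actually lives and confirm its private material is not exportable. */
fun describeKey(): String {
    val priv = loadPrivateKey()
    val info = KeyFactory.getInstance(priv.algorithm, ANDROID_KEYSTORE)
        .getKeySpec(priv, KeyInfo::class.java)
    val level = when (info.securityLevel) {
        KeyProperties.SECURITY_LEVEL_STRONGBOX -> "StrongBox"
        KeyProperties.SECURITY_LEVEL_TRUSTED_ENVIRONMENT -> "TEE"
        KeyProperties.SECURITY_LEVEL_SOFTWARE -> "software (no hardware isolation)"
        else -> "unknown"
    }
    // AndroidKeyStore private keys return null from getEncoded(): the app cannot
    // read the raw key out, which is the isolation property experiment 2 checks.
    val exportable = priv.encoded != null
    return "securityLevel=$level exportable=$exportable"
}

/** Sign inside the keystore; the app only ever sees the signature, never the key. */
fun signInTee(data: ByteArray): ByteArray =
    Signature.getInstance("SHA256withECDSA").run {
        initSign(loadPrivateKey())
        update(data)
        sign()
    }

/**
 * Attestation chain for experiment 10. The leaf certificate carries the key
 * description extension (OID 1.3.6.1.4.1.11129.2.1.17) with the challenge, the
 * security level and the key's authorisations; a verifier checks that the chain
 * terminates at Google's hardware attestation root and that the challenge matches
 * the nonce it issued. The app only transports the chain, it does not trust it.
 */
fun attestationChain(): List<Certificate> {
    val ks = KeyStore.getInstance(ANDROID_KEYSTORE).apply { load(null) }
    return ks.getCertificateChain(ALIAS).toList()
}
```

With `setUnlockedDeviceRequired(true)` a call to `signInTee` on a locked device fails in the keystore rather than in app code, which is the behaviour experiment 2's access-control evaluation should record.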
### :diamonds: Evaluation Criteria
1. **Security**:
- Measure the effectiveness of TEE isolation (e.g., success rate of unauthorized access attempts)
- Evaluate resistance to known attack vectors (e.g., side-channel, fault injection)
2. **Performance**:
- Measure latency, throughput, and energy consumption for cryptographic operations
- Compare TEE backed operations with non-TEE implementations
3. **Compatibility**:
- Test compatibility with existing standards (e.g., GSMA eSIM specifications)
- Evaluate error-handling robustness for non-standard inputs
4. **Usability**:
- Assess ease of integration with existing systems (e.g., mobile OS, provisioning servers)
- Evaluate developer experience for TEE-backed APIs
### :diamonds: Prioritisation of Experiments
- **Critical Experiments** [Must do for core study]
- eSIM Profile Management and Cryptographic Secure Storage
- Certificate Handling with Key Pair Generation and Protection
- eSIM Authentication and Provisioning
- Secure Communication Channel Setup for eSIM Management
- Cryptographic Compute
- **Secondary Experiments** [Important, can be simplified in scope]
- Passkey Security Analysis for Synced and Non-Synced Keys
- Key Injection/Generation
- Attestation for ID, Compute and Transaction Signatures
- **Tertiary Experiments** [Exploratory, may be deferred]
- Malware Injection
- Real-Time eSIM Profile Validation and Status Checking
# ANNEX C: Equipment List for TEE Experiments
## Hardware Equipment
- Windows/Linux Desktop Computer (Run AOSP) ~ $3000
- Monitor ~ $300
- iOS Device (iPhone 7 or later) (at least 2) ~ $700
- Android Device (Pixel 4 or later) (at least 2) ~ $400
> Above equipment will be utilised in all experiments
- Javacards
- [NXP JCOP 4](https://www.cardlogix.com/product/nxp-jcop-4-java-card-3-0-5-classic/?srsltid=AfmBOor1ubf0Wc9ar9sX34yNX1aemTckzOQ-28cBqGx8pNUFMrrLYAXU) (or equivalent) ~ $25
- [HSM](https://www.cardlogix.com/product/l-plus-hardware-security-module-hsm-card/) ~ $60
- [CCID Reader](https://www.cardlogix.com/product/hid-omnikey-5027-contactless-smart-card-reader-keyboard-wedge/) ~$100
- [Additional smart card readers](https://www.acs.com.hk/en/products/496/acm39u-y3-smart-card-reader-module/) (if any)
- Networking equipment (Routers etc.) ~$200
- [Raspberry Pi](https://www.raspberrypi.com/products/cm5-dev-kit/) ~$130
>This equipment is needed to develop custom testing scenarios, such as using smart cards or compromised networks as attack vectors
- [Test eUICC Cards](https://www.comprion.com/shop/test-sims/test-euicc-consumer-device.html) ~$TBD
- Will be used in experiments 1-5, 7 and 10
- Debuggers, Logic Analysers, Miscellaneous (as needed)
## Software
- [SM-DP+/SM-DS Simulators](https://www.fime.com/shop/product/sm-dp-simulator-4951) ~$TBD
- Create a test environment for eSIM provisioning systems with GSMA SAS compatible server instances
- Will be used in experiments 2-5
- [ARM Development Studio](https://developer.arm.com/Tools%20and%20Software/Arm%20Development%20Studio#Technical-Specifications)
- IDE for ARM platform development, to be used for in-house TEE implementation and simple functional safety tests
- Will be used as test-target in experiments 2, 4-5 and 6-10
- [Android Studio](https://developer.android.com/studio)
- [Xcode](https://developer.apple.com/xcode/)
> Will be used to develop test and target applications for all experiments
- [Burp Suite](https://portswigger.net/burp) ~ $449
- Used for penetration testing on web, mobile app and CI/CD
- [IDA Pro](https://hex-rays.com/ida-pro) ~ $1100
- A powerful disassembler, decompiler and a versatile debugger. Best available tool
- [Metasploit](https://www.metasploit.com/)
- Penetration test tool. Free framework has preset tests for >1500 known exploits
- [Ghidra](https://ghidra-sre.org/)
- Software reverse engineering tool
- [Frida](https://frida.re/)
- Dynamic instrumentation toolkit, used for script injection, private API hooks and code traces
- [Cutter](https://cutter.re/)
- Fully integrated reverse engineering platform
- [ChipWhisperer](https://www.newae.com/chipwhisperer)
- Side channel analysis toolkits on specific hardware targets
- [OP-TEE](https://www.trustedfirmware.org/projects/op-tee/)
- Open source, linux-companion ARM TrustZone based TEE implementation
- [QEMU](https://www.qemu.org/)
- Open source emulator and virtualisation tool
> Above tools and libraries will be used to create testing environments for evaluation of the target app (Kokio) and TEE implementations. <br> Reverse engineering and binary analysis tools will facilitate penetration testing, side channel possibilities and privilege escalation attacks (evaluation and deliverables for all experiments will rely on these tools)
- [Apple Developer License](https://developer.apple.com/programs/enroll/) ~ $300
- [Google Developer License](https://developer.android.com/) ~ $100
> Needed for test app development and access to secure APIs
- Other Software, documentation and Licenses (as required)
- Many useful development aids for the project are available at [https://www.comprion.com/](https://www.comprion.com/)
## 💬 Open Questions
:::success
Discuss other things that are outside the above. For example, any blind spot in our plan?
:::
1.
2.