TY - GEN
T1 - Rushmore
T2 - 19th ACM International Conference on Mobile Systems, Applications, and Services, MobiSys 2021
AU - Park, Chang Min
AU - Kim, Donghwi
AU - Sidhwani, Deepesh Veersen
AU - Fuchs, Andrew
AU - Paul, Arnob
AU - Lee, Sung Ju
AU - Dantu, Karthik
AU - Ko, Steven Y.
N1 - Publisher Copyright:
© 2021 ACM.
PY - 2021/6/24
Y1 - 2021/6/24
N2 - We present Rushmore, a system that securely displays static or animated images using TrustZone. The core functionality of Rushmore is to securely decrypt and display encrypted images (sent by a trusted party) on a mobile device. Although previous approaches have shown that it is possible to securely display encrypted images using TrustZone, they exhibit a critical limitation that significantly hampers the applicability of using TrustZone for display security. The limitation is that, when the trusted domain of TrustZone (the secure world) takes control of the display, the untrusted domain (the normal world) cannot display anything simultaneously. This limitation comes from the fact that previous approaches give the secure world exclusive access to the display hardware to preserve security. With Rushmore, we overcome this limitation by leveraging a well-known, yet overlooked hardware feature called an IPU (Image Processing Unit) that provides multiple display channels. By partitioning these channels across the normal world and the secure world, we enable the two worlds to simultaneously display pixels on the screen without sacrificing security. Furthermore, we show that with the right type of cryptographic method, we can decrypt and display encrypted animated images at 30 FPS or higher for medium-to-small images and at around 30 FPS for large images. One notable cryptographic method we adapt for Rushmore is visual cryptography, and we demonstrate that it is a light-weight alternative to other cryptographic methods for certain use cases. Our evaluation shows that in addition to providing usable frame rates, Rushmore incurs less than 5% overhead to the applications running in the normal world.
AB - We present Rushmore, a system that securely displays static or animated images using TrustZone. The core functionality of Rushmore is to securely decrypt and display encrypted images (sent by a trusted party) on a mobile device. Although previous approaches have shown that it is possible to securely display encrypted images using TrustZone, they exhibit a critical limitation that significantly hampers the applicability of using TrustZone for display security. The limitation is that, when the trusted domain of TrustZone (the secure world) takes control of the display, the untrusted domain (the normal world) cannot display anything simultaneously. This limitation comes from the fact that previous approaches give the secure world exclusive access to the display hardware to preserve security. With Rushmore, we overcome this limitation by leveraging a well-known, yet overlooked hardware feature called an IPU (Image Processing Unit) that provides multiple display channels. By partitioning these channels across the normal world and the secure world, we enable the two worlds to simultaneously display pixels on the screen without sacrificing security. Furthermore, we show that with the right type of cryptographic method, we can decrypt and display encrypted animated images at 30 FPS or higher for medium-to-small images and at around 30 FPS for large images. One notable cryptographic method we adapt for Rushmore is visual cryptography, and we demonstrate that it is a light-weight alternative to other cryptographic methods for certain use cases. Our evaluation shows that in addition to providing usable frame rates, Rushmore incurs less than 5% overhead to the applications running in the normal world.
KW - secure image display
KW - TrustZone
KW - visual cryptography
UR - https://www.scopus.com/pages/publications/85110194442
U2 - 10.1145/3458864.3467887
DO - 10.1145/3458864.3467887
M3 - Conference contribution
AN - SCOPUS:85110194442
T3 - MobiSys 2021 - Proceedings of the 19th Annual International Conference on Mobile Systems, Applications, and Services
SP - 122
EP - 135
BT - MobiSys 2021 - Proceedings of the 19th Annual International Conference on Mobile Systems, Applications, and Services
PB - Association for Computing Machinery, Inc
Y2 - 24 June 2021 through 2 July 2021
ER -