@inproceedings{dc65c646a801410983d530d3d70a3030,
title = "Split-QR Decoder Hybrid Design for ARM TrustZone",
abstract = "In an earlier work we have built a system that extends QR code use between Android systems and servers using Split-SSL between normal and TrustZone security worlds to ensure data integrity. Decoding was assumed to be made by the servers with some disadvantages regarding performance and convenience for application developers. In this work we have designed a novel hybrid method by splitting the QR decoder between the normal and trusted worlds. We have compared three different methods. 1) full operation in REE, 2) Split-QR decoding with dynamic and static QR, and 3) server decoding under dynamic and static QR payments. The five settings showed the feasibility and advantages of using the Split-QR. Advantages compared to server decoder case include significant performance improvement and increased convenience for developers, while adding manageable code to the TrustZone. The success of this application encourages the design of a generalized framework to use split operations, where the TrustZone performs the core critical operations, or delegates them to a dedicated server outside the system if the operations are too extensive. In addition, it manages the meta data that runs noncritical operations on REE. We envision a wider scope of services with large and complex tasks where the Android system cannot handle them generally. All types of operations can be executed while keeping integrity, and sometimes secrecy too. Applications can include machine learning classification, biometric data classification, and medical imaging.",
keywords = "ARM TrustZone, Android, Attack surface. ZBar Decoder, Mobile security, OP-TEE, QR Payments, REE, Split QR decoding, TEE, Threat model",
author = "Salman, {Ammar S.} and Du, {Wenliang Kevin}",
note = "Publisher Copyright: {\textcopyright} 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG.; Future of Information and Communication Conference, FICC 2022 ; Conference date: 03-03-2022 Through 04-03-2022",
year = "2022",
doi = "10.1007/978-3-030-98015-3_64",
language = "English (US)",
isbn = "9783030980146",
series = "Lecture Notes in Networks and Systems",
publisher = "Springer Science and Business Media Deutschland GmbH",
pages = "941--961",
editor = "Kohei Arai",
booktitle = "Advances in Information and Communication - Proceedings of the 2022 Future of Information and Communication Conference, FICC",
address = "Germany",
}