Split-QR Decoder Hybrid Design for ARM TrustZone

Ammar S. Salman, Wenliang Kevin Du

Research output: Chapter in Book/Entry/PoemConference contribution


In an earlier work we have built a system that extends QR code use between Android systems and servers using Split-SSL between normal and TrustZone security worlds to ensure data integrity. Decoding was assumed to be made by the servers with some disadvantages regarding performance and convenience for application developers. In this work we have designed a novel hybrid method by splitting the QR decoder between the normal and trusted worlds. We have compared three different methods. 1) full operation in REE, 2) Split-QR decoding with dynamic and static QR, and 3) server decoding under dynamic and static QR payments. The five settings showed the feasibility and advantages of using the Split-QR. Advantages compared to server decoder case include significant performance improvement and increased convenience for developers, while adding manageable code to the TrustZone. The success of this application encourages the design of a generalized framework to use split operations, where the TrustZone performs the core critical operations, or delegates them to a dedicated server outside the system if the operations are too extensive. In addition, it manages the meta data that runs noncritical operations on REE. We envision a wider scope of services with large and complex tasks where the Android system cannot handle them generally. All types of operations can be executed while keeping integrity, and sometimes secrecy too. Applications can include machine learning classification, biometric data classification, and medical imaging.

Original languageEnglish (US)
Title of host publicationAdvances in Information and Communication - Proceedings of the 2022 Future of Information and Communication Conference, FICC
EditorsKohei Arai
PublisherSpringer Science and Business Media Deutschland GmbH
Number of pages21
ISBN (Print)9783030980146
StatePublished - 2022
EventFuture of Information and Communication Conference, FICC 2022 - Virtual, Online
Duration: Mar 3 2022Mar 4 2022

Publication series

NameLecture Notes in Networks and Systems
Volume439 LNNS
ISSN (Print)2367-3370
ISSN (Electronic)2367-3389


ConferenceFuture of Information and Communication Conference, FICC 2022
CityVirtual, Online


  • ARM TrustZone
  • Android
  • Attack surface. ZBar Decoder
  • Mobile security
  • OP-TEE
  • QR Payments
  • REE
  • Split QR decoding
  • TEE
  • Threat model

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Signal Processing
  • Computer Networks and Communications


Dive into the research topics of 'Split-QR Decoder Hybrid Design for ARM TrustZone'. Together they form a unique fingerprint.

Cite this