Malicious Code Detection for Trusted Execution Environment Based on Paillier Homomorphic Encryption

Ziwang WANG  Yi ZHUANG  

IEICE TRANSACTIONS on Communications   Vol.E103-B   No.3   pp.155-166
Publication Date: 2020/03/01
Online ISSN: 1745-1345
DOI: 10.1587/transcom.2019EBP3098
Type of Manuscript: PAPER
Category: Fundamental Theories for Communications
trusted execution environment,  malicious code detection,  mobile security,  

Full Text: FreePDF(1.7MB)

Currently, mobile terminals face serious security threats. A Trusted Execution Environment (TEE) which can provide an isolated execution environment for sensitive workloads, is seen as a trusted relay for providing security services for any mobile application. However, mobile TEE's architecture design and implementation strategy are not unbreakable at present. The existing researches lack of detect mechanisms for attack behaviour and malicious software. This paper proposes a Malicious code Detection scheme for Trusted Execution Environment based on Homomorphic Encryption (HE-TEEMD), which is a novel detection mechanism for data and code in the trusted execution environment. HE-TEEMD uses the Paillier additive homomorphic algorithm to implement the signature matching and transmits the ciphertext information generated in the TEE to the normal world for detection by the homomorphism and randomness of the homomorphic encryption ciphertext. An experiment and security analysis proves that our scheme can achieve malicious code detection in the secure world with minimal cost. Furthermore, evaluation parameters are introduced to address the known plaintext attack problem of privileged users.