Davide Bove

Davide Bove, M. Sc.

Security researcher

Department of Computer Science
Chair of Computer Science 1 (IT Security Infrastructures)

Room: Room 12.134
Martensstr. 3
91058 Erlangen

Open Theses

Look into UnivIs for more information.

Mobile devices use Trusted Execution Environments (TEEs) to protect specific applications from a compromised operating system. Especially security-critical use cases such as cryptography and authentication are often implemented as a trusted application inside so-called Enclaves. These enclaves offer an isolated memory region inside a system to execute actions without interference from outside.
Current mobile devices on Android and iOS make use of TEEs to execute specific actions. For example creating and managing a cryptographic key is done in the ARM TrustZone, a separate OS that is runs in parallel to the normal OS. Technically, a trusted application is running inside the TEE context and does all the necessary computation. The resulting private key never leaves the TEE, and even the operating system cannot directly access it.
For a security analysis, we want to implement a number of applications that make use of trusted apps to perform security-critical actions. For this, we make use of the free RISC-V [1] architecture. On top of it, we run Keystone [2,3], a framework for designing and building own TEEs.
The goal of this thesis is to build a test environment for TEEs that can be used to test specific TEE designs and architectures in an automated way.

For the RISC-V architecture, there are several academic or commercial Trusted Execution Environment (TEE) solutions that have different requirements.

These solutions are based on RISC-V features such as processor modes, physical memory protection (PMP) and more. Especially regarding the processor modes, most RISC-V TEE frameworks require M-S-U modes to function correctly. Apart from the proprietary Hex-Five MultiZone [1], there are no solutions for embedded low-power RISC-V platforms that only implement M or M-U modes.

In this work we explore the challenges and chances of existing TEE frameworks and propose a new framework that can be deployed on embedded devices.

[1] https://hex-five.com/multizone-security-sdk/
[2] https://ascslab.org/conferences/secriscv/materials/papers/paper_15.pdf

Supervised Theses

  • Designing Secure Enclaves on RISC-V
  • Aufbereitung und Analyse von Honeypot-Daten
  • Machine Learning based analysis of honeynet logs
  • Creating an Online Training Platform for Penetration Testing
  • On the Security and Privacy Implications of NFC-based Transactions
  • Analysis Tools for RISC-V Apps

 

Topics I might supervise (if you ask nicely):

  • Mobile security (Android, iOS)
  • Security of Embedded devices

Contact

PGP

Public Key: 0x17A737675E92C730
SHA1 Fingerprint: F76C A55C 1758 A5FA F90F
2B54 17A7 3767 5E92 C730

Professional Activities

Publications

2019

2018