October 31 - November 1 - Co-Located Events
October 28-30 - Conference
Lyon Convention Centre - Lyon, France
More information for Open Source Summit + Embedded Linux Conference Europe 2019
Back To Schedule
Wednesday, October 30 • 11:30 - 12:05
Under Lock & Key: Using Hardware Protected Keys with the Linux Crypto API - Gilad Ben Yossef, Arm

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
The Linux Crypto API which provides potentially hardware accelerated cryptographic services to the Linux kernel and user space programs running under it, has a little known but extremely useful feature hidden away in the bowls of this under documented mechanism: the ability to perform cryptographic operations with keys which are locked away in a hardware vault and are not accessible for reading by software running on the main CPU.

This feature, introduced silently (possibly too silently) by IBM for use with their s390 mainframes in 2016, has since been adopted for use in embedded systems by the author when compatible hardware is present and has the potential to provide a critical layer of security for secret keys in these complicated times haunted by the spectre of speculative execution side channel attacks.

The presentation will explain the feature in depth, explain how to tell if your system of choice supports it, show case how to use the feature and some of the gotchas involved.

avatar for Gilad Ben Yossef

Gilad Ben Yossef

Principal Software Engineer, Arm
Gilad Ben-Yossef is a principal software engineer working at Arm on upstream kernel security at large and Arm TrustZone CryptoCell support in particular. Gilad is the co-author of O’Reilly’s “Building Embedded Linux Systems” 2nd edition, co-founder of the Israeli FOSS NGO... Read More →

Wednesday October 30, 2019 11:30 - 12:05 CET
Forum 1
  Embedded Linux Conference, Crypto
  • Session Slides Included Yes