A Design And Implementation Of USB Key Based On Tee

With the development of mobile network technologies and mobile terminals, the way people get information and deal with affairs has gradually transferred from the PC to the mobile terminal. In recent years, the rapide growing of tablet PCs, smart phones and others makes these devices more and more accessible get user’s sensitive information, while the openness of the mobile device operating system cannot guarantee the safety of equipment, website accounts stolen and the financial loss of bank-card have occurred from time to time. The Trusted Execution Environment——which uses hardware supported isolation techniques, independent operating system of intelligent mobile terminal, isolation and scalable execution environment to be responsible for the implementation of security applications. By retaining a portion of the process of the operating system in the intelligent terminal, it monitors the operation and provides a unified interface to the secure execution environment for the development of the safety program at any time. This way can make the TEE ensure the safety of the mobile terminal from the hardware level. Even if the phone is rooted, TEE will not be damaged, this ensures the security of sensitive data inside the phone.This paper designs a USB Key which is used to do digital signature in intelligent mobile terminal by using the TEE technology. We analyze the role that USB Key based on TEE playes in increasing the safety of the payment system by describing the scenarios we usually use USB Key to sign the transaction.The thesis is organized as follows: Firstly we introduce the ARM Trust Zone hardware technologies and Trusted Execution Environment technology which is published by the Global Platform, then present the key technology and its functions of TEE. Based on the previous work, we simulate a USB Key by using of TEE, and then design and implement three parts ——the USB Key API, maintenance tool and USB Key server. All the realization of crypto-operation, key data storage and trusted input and output function are made inside the TEE, so we can ensure the safety of data processing. Then by combining with secure payment system based on USB Key, we described the workflow and role of USB Key based on TEE in detail. At last we carried out the design and simulation in the open source SDK- Open Virtualization. The results show that this design is safe and feasible after the functional test, and it also has a certain practical significance.