Comparison of side-channel leakage on Rich and Trusted Execution Environments

A Trusted Execution Environment (TEE) is a software solution made to improve security inside system on chip (SoC) based on ARM architecture. It offers a compromise between the functionality of the Rich Operating System (Rich OS), for example Android, and the security of a Secure Element (SE). ARM TrustZone separates the SoC between two worlds (Normal World and Secure World). The Trusted OS (the OS on the TEE) has several security mechanisms that isolate and secure its execution and data from the Rich OS and save it from data theft. If these mechanisms are made to prevent software attack from Rich OS, this paper proposes to take a look at the identification of data leakage from a TEE facing physical attack. In particular, how a side-channel analysis on electromagnetic (EM) emissions using the Test Vector Leakage Assessment (TVLA) methodology permits to identify the leakage and a correlation electromagnetic analysis (CEMA) can exploit the results.