Secure key management in a trusted domain on mobile devices

Abstract: As mobile devices manage more and more sensitive information they have become a more targeted platform to exploit. To maintain system integrity while providing a highly responsive product, platform developers have developed hardware as well as software solutions to improve security. Until recently however, it was only possible to devise hardware solutions to achieve the security requirements of EU’s Restricted VoIP protocol. This thesis investigates whether a software solution can provide the necessary levels of assurance to protect EU Restricted Voice over Internet Protocol (VoIP) communications. The thesis covers a literature study over possible approaches to protect sensitive information, which was used in the risk analysis to derive five tests to evaluate the trusted execution environment. The tests show that the trusted execution environment does provide good protection but that the implementation and design greatly influence the robustness and level of assurance that can be expected from the trusted execution environment.