Protecting File Activities via Deception for ARM TrustZone

Abstract: A TrustZone TEE often invokes an external filesystem. While filedata can be encrypted, the revealed file activities leak secrets. To hide the file activities from the filesystem and its OS, we propose Enigma, a deception-based defense injecting sybil file activities as the cover of actual file activities.Enigma contributes three new designs. (1) To make the deception credible, the TEE generates sybil calls by replaying file calls from the TEE code under protection. (2) To make sybil activities cheap, the TEE r… Show more