Protecting File Activities via Deception for ARM TrustZone. (arXiv:2205.10963v2 [cs.CR] UPDATED)

A TrustZone TEE often invokes an external filesystem. While filedata can be
encrypted, the revealed file activities can leak secrets. To hide the file
activities from the filesystem and its OS, we propose Enigma, a deception-based
defense injecting sybil file activities as the cover of the actual file
activities.

Enigma contributes three new designs. (1) To make the deception credible, the
TEE generates sybil calls by replaying file calls from the TEE code under
protection. (2) To make sybil activities …

arm deception