You are here

Software Based Roots of Trust for Enhanced Mobile Device Security

Award Information
Agency: Department of Homeland Security
Branch: N/A
Contract: HSHQDC-13-C-00111
Agency Tracking Number: HSHQDC-13-R-00032-H-SB013.2-002-0019-I
Amount: $99,999.14
Phase: Phase I
Program: SBIR
Solicitation Topic Code: H-SB013.2-002
Solicitation Number: HSHQDC-13-R-00032
Timeline
Solicitation Year: 2013
Award Year: 2013
Award Start Date (Proposal Award Date): 2013-09-20
Award End Date (Contract End Date): 2014-03-19
Small Business Information
591 Camino de la Reina Suite 610
San Diego, CA 92108-3108
United States
DUNS: 010681380
HUBZone Owned: No
Woman Owned: No
Socially and Economically Disadvantaged: No
Principal Investigator
 Robert McGraw
 Chief Technology Officer
 (619) 398-1410
 rmcgraw@ramlabs.com
Business Contact
 Robert McGraw
Title: Chief Technology Officer
Phone: (619) 398-1410
Email: rmcgraw@ramlabs.com
Research Institution
N/A
Abstract

Mobile devices require security features that are utilized by application developers and users to ensure secure communication and commerce. Existing features on mobile hardware are often considered proprietary between the manufacturer and the telecommunications provider, rendering them unavailable for external use. Current works-around involve adding trusted hardware to the device, which increases cost and SWAP, while using a software keying approach places the device's Identity key outside of protected memory, subjecting it to attack.
To provide the needed security, while addressing cost, SWAP, and performance, RAM Laboratories proposes to develop a Mobile Device Trust Solution that implements Roots of Trust (RoTs) via a firmware solution that builds on secure mobile device TrustZone(R) technology, hardware virtualization, TPM Mobile specifications and Android device drivers. The resultant solution will provide a software-based trusted chipset-equivalent security for mobile applications by establishing a Identity to fingerprint the device for keying and signature generation. This Identity is generated by extracting physical circuitry information from physically unclonable functions (PUFs) that establish a unique Identity for the device. The PUFs support a verification engine that generates signatures and keys for RoT Verification; they are used for key generation to encrypt storage for RoT Storage; and, they are used as a basis for keying and activation codes for managing assertions for RoT - Integrity. Our solution will be integrated with our teammate, ViaSat's, Secure Mobility Environment (SME) firmware and targeted to Samsung Galaxy Note II and S4 devices. Phase I takes this technology from TRL 2 to TRL 4.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government