Smartphones are the prevalent platform for handling all kinds of daily digital tasks, from web browsing and emailing, to multimedia and entertainment, to all kinds of apps for communication, information, productivity and so on. However, the popularity of smartphones has also made these platforms very attractive targets for attackers.
The protection of login credentials when accessing web services becomes crucial under phishing and malware attacks. While many modern mobile phones provide hardware-supported security mechanisms, these have not been (and still are not) fully utilized by most phone operating systems. The iPhone operating system iOS has made significant progress in this respect in recent years, in particular through the use of the Secure Enclave and the integration of the password wallet (called "Keychain" there). Back in the early days of smartphones, such features were broadly missing. That brought me to the research idea of bringing the TruWallet secure password manager from the security kernel operating system on the PC to the mobile platform and utilizing the ARM Trusted Execution Environment (TrEE). In our research, called TruWalletM (the mobile version of TruWallet), we show how to use these mechanisms, in particular the TrEE, to protect the user's login credentials. We designed and implemented our prototype based on a Nokia N900 mobile platform. The key design solution, which allows us to meet these requirements, is to split a single SSL/TLS connection between the user device and the server into two logically separated channels: one is protected by the TrEE and is used to transmit passwords, and the other is intended for conventional data.
Various forms of malware exist, in particular for the Android platform. Interestingly, Android came with some advanced operating system security concepts and controls from the very beginning. One key security feature of Android was, and still is, app sandboxing together with the definition of different app privileges that the Android OS controls and enforces. Back in 2010, however, we showed that this concept had some conceptual weaknesses, and we were also able to demonstrate the attack in practice: apps could escalate their defined privileges and gain control of resources they were not allowed to access.