Abstract
In an earlier work we have built a system that extends QR code use between Android systems and servers using Split-SSL between normal and TrustZone security worlds to ensure data integrity. Decoding was assumed to be made by the servers with some disadvantages regarding performance and convenience for application developers. In this work we have designed a novel hybrid method by splitting the QR decoder between the normal and trusted worlds. We have compared three different methods. 1) full operation in REE, 2) Split-QR decoding with dynamic and static QR, and 3) server decoding under dynamic and static QR payments. The five settings showed the feasibility and advantages of using the Split-QR. Advantages compared to server decoder case include significant performance improvement and increased convenience for developers, while adding manageable code to the TrustZone. The success of this application encourages the design of a generalized framework to use split operations, where the TrustZone performs the core critical operations, or delegates them to a dedicated server outside the system if the operations are too extensive. In addition, it manages the meta data that runs noncritical operations on REE. We envision a wider scope of services with large and complex tasks where the Android system cannot handle them generally. All types of operations can be executed while keeping integrity, and sometimes secrecy too. Applications can include machine learning classification, biometric data classification, and medical imaging.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Salman, A.S., Du, W.(: Securing mobile systems gps and camera functions using trustzone framework. In: Arai, K. (ed.) Intelligent Computing. LNNS, vol. 285, pp. 868–884. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-80129-8_58
National Vulnerability Database (NVD). National Institute of Standards and Technology (NIST). https://nvd.nist.gov/vuln. Accessed Nov 2020
Ying, K., Ahlawat, A., Alsharifi, B., Jiang, Y., Thavai, P., Du, W.: TruZ-Droid: integrating trustzone with mobile operating system. MobiSys 2018, June 10–15, Munich, Germany (2018). http://www.cis.syr.edu/~wedu/Research/paper/mobisys2018_truzdroid.pdf
ARM Community. ARM Security Technology - Building a Secure System using TrustZone Technology (2009). https://community.arm.com/cfs-file/__key/telligent-evolution-components-attachments/01-2057-00-00-00-00-53-99/PRD29_2D00_GENC_2D00_009492C_5F00_trustzone_5F00_security_5F00_whitepaper.pdf
Global Platform - OP-TEE Architecture for ARM TrustZone. https://optee.readthedocs.io/en/latest/architecture
Lesniewski-Laas, C., Kaashoek, M.F.: SSL splitting: securely serving data from un-trusted caches. In: Proceedings of the12th USENIX Security Symposium, Washington, D.C., USA, 4–8 August (2003). https://www.usenix.org/conference/12th-usenix-security-symposium/ssl-splitting-securely-serving-data-untrusted-caches
International Organization for Standardization (ISO), Information technology — Automatic identification and data capture techniques — QR Code bar code symbology specification. ISO/IEC 18004:2015 (2015)
Thonky. QR Code Tutorial, Thonky (2021). https://www.thonky.com/qr-code-tutorial/
Matcha Design, QR Code Demystified Series (1–6), MatchaDesign. (2011). https://www.matchadesign.com/news/blog/qr-code-demystified-part-1-6}
Brown, J.: ZBar bar code reader, SourceForg (2015). http://zbar.sourceforge.net/about.html
Lin, J.-A., Fuh, C.-S.: 2D barcode image decoding. Math. Prob. Eng. 848276 (2013). https://doi.org/10.1155/2013/848276
Bhardwaj, N., Kumar, R., Verma, R., Jindal, A., Bhondekar, A.P.: De-coding Algorithm for color QR code: a mobile scanner application, (ICRTIT). In: 2016 International Conference (IEEE). (2016). https://doi.org/10.1109/ICRTIT.2016.7569561
Schrier, M.J.: Barcode Decoding in a Camera-Based Scanner: Analysis and Algo-rithm, PhD Thesis, Madeline J Schrier (2015). https://conservancy.umn.edu/bitstream/handle/11299/175329/Schrier_umn_0130E_16096.pdf%3Bsequence%3D1
xxl. QR Codes - Images of QR Codes: versions 1–4, random four-digit numbers, Kaggle. (2020) https://www.kaggle.com/coledie/qr-codes
Samy, G.: Finder Patterns (QR code) - Finder patterns of QR codes - Yolo format, Kaggle. (2021). https://www.kaggle.com/samygrisard/finder-patterns-qr-code
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Salman, A.S., Du, W.K. (2022). Split-QR Decoder Hybrid Design for ARM TrustZone. In: Arai, K. (eds) Advances in Information and Communication. FICC 2022. Lecture Notes in Networks and Systems, vol 439. Springer, Cham. https://doi.org/10.1007/978-3-030-98015-3_64
Download citation
DOI: https://doi.org/10.1007/978-3-030-98015-3_64
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-98014-6
Online ISBN: 978-3-030-98015-3
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)