Remote Attestation on Arm TrustZone OP-TEE with VERAISON Verifier --- current status and future plan ---
- Track: Attestation
- Room: K.4.401
- Day: Sunday
- Start: 12:40
- End: 13:00
- Video only: k4401
We report on the attestation mechanism implemented in OP-TEE, a trusted OS running on the Arm Cortex-A TrustZone. This mechanism generates attestation evidence accepted by VERAISON, an open-source verification platform.
The attestation mechanism measures the hash values of Trusted Applications (TAs) and generates attestation evidence using an attestation key stored in OP-TEE. It is implemented as a PTA (Pseudo Trusted Application), which functions as part of OP-TEE. The PTA is portable across different OP-TEE versions and extends attestation availability.
We report the provisioning process for both the attester and verifier in this model, emphasizing the need for secure setup. Additionally, we explain how to program TAs and Client Applications (CAs) running on Linux to leverage this remote attestation mechanism. These explanations aim to enable broader adoption of remote attestation by users.
The current source code is open and runs on QEMU and Raspberry Pi 3: https://github.com/iisec-suzaki/optee-ra
We are working to integrate this source code into the OP-TEE mainline: https://github.com/OP-TEE/optee_os/pull/7006
Current Security Concerns and Future Plans
The current implementation has some security concerns. To address these, we propose three future enhancements:
1) Key Management: Store the attestation key in an HSM (Hardware Security Module) for improved security.
2) Secure Boot Confirmation: Ensure OP-TEE is securely loaded into the TEE during the boot process.
3) Certificate-Based Attestation Keys: Introduce certificates for attestation keys to improve scalability.
These plans involve specific hardware requirements, and we aim to implement them using a board equipped with the NXP i.MX 8M Plus processor and the Secure Element SE050.
Speakers
Kuniyasu Suzaki