September 27-30, 2021
Seattle, Washington, USA + Virtual
View More Details & Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit + Embedded Linux Conference + OSPOCon 2021 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Pacific Daylight Time (UTC -7). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

Back To Schedule
Monday, September 27 • 2:30pm - 3:20pm
(VIRTUAL) Using OP-TEE as a Cryptography Engine - Gregory Malysa, Timesys

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
In modern embedded applications, security is paramount. The use of OP-TEE to provide a trusted execution environment (TEE) has emerged as a popular and effective solution for a tiered approach to security, securing sensitive operations against vulnerabilities in userspace and the Linux kernel itself. Out of the box, OP-TEE provides a cryptographic API based on the GlobalPlatform TEE Specification including a software-only implementation based on mbedTLS. This system is flexible and designed to be integrated into any system as a general cryptographic provider. This talk focuses on the use of OP-TEE as a cryptography engine in two parts. In the first part, we will discuss some OP-TEE internals and provide an overview of how to integrate platform-specific hardware, such as cryptographic accelerators and hardware random number generators. In the second part, we will discuss building a platform-agnostic key storage system with OP-TEE as a Trusted Application (TA). This will cover the TEE-side TA implementation as well as the methods in which it can be accessed from Linux, including both integration with Linux kernel crypto API and direct userspace access by implementing a standalone library, an OpenSSL engine, or a PKCS#11 provider.


Greg Malysa

Principal Engineer, Timesys
Greg Malysa is a Principal Engineer at Timesys Corporation where he specializes in embedded systems design and implementation and cybersecurity integration. Most recently, his work has focused on how OP-TEE can be leveraged to provide secure services like cryptography and secure key... Read More →

Monday September 27, 2021 2:30pm - 3:20pm PDT
MeetingPlay Platform + Virtual Learning Lab
  Embedded Linux Conference (ELC), Security