OnQ Blog

Secure boot and image authentication improvements

The ability for users, manufacturers, and carriers to know that devices will only run authorized and trusted software is a core pillar of device security. Secure Boot technology is designed to stop an attacker from loading malicious software onto the device. Such software can potentially compromise a user’s private or financial data or cause irreparable damage to the device.

Qualcomm Technologies has offered Secure Boot technology in its mobile products for many years and we are continually testing, adapting, and improving the solution for our customers.

In 2017, we released our first public whitepaper describing the philosophy and implementation of the Qualcomm Technologies’ Secure Boot solution. Since then, the solution has been improved and we are pleased to make available a new release of the “Secure Boot and Image Authentication” technical overview whitepaper.

A critical innovation has been the isolation of the Trusted Execution Environment (TEE) from the Rich Execution Environment (REE) immediately from the moment of hardware boot. The TEE contains a device’s most critical secrets and most important security functionality; the set of security functionality in the TEE is deliberately kept small to allow it to be vetted to the highest standard. The REE loads and executes the Qualcomm Hypervisor Execution Environment (QHEE) image and the device’s Operating System such as Android or Linux.

In prior iterations of the boot flow, the REE, and the TEE shared a common bootloader. Although the bootloader was well-designed and thoroughly tested, it did present a larger-than-optimal attack surface by which a malicious user might attempt to attack the system. The new separation means that even if the REE bootloader is compromised, the malicious user should not gain access to the data and functionality protected by the Qualcomm TEE code.

Qualcomm Technologies has also simplified the format by which information about an image is stored within the image. This improves the readability of the metadata, the ease by which the image is constructed, and the robustness of the bootloader which must interpret the metadata.

For more information on Qualcomm Technologies’ Secure Boot solution and the image authentication process, download our Secure Boot whitepaper. This whitepaper provides an in-depth look at our boot architecture, image formats, and the supported cryptographic algorithms.

 

Qualcomm Trusted Execution Environment and Qualcomm Hypervisor Execution Environment are products of Qualcomm Technologies, Inc. and/or its subsidiaries.

Opinions expressed in the content posted here are the personal opinions of the original authors, and do not necessarily reflect those of Qualcomm Incorporated or its subsidiaries ("Qualcomm"). Qualcomm products mentioned within this post are offered by Qualcomm Technologies, Inc. and/or its subsidiaries. The content is provided for informational purposes only and is not meant to be an endorsement or representation by Qualcomm or any other party. This site may also provide links or references to non-Qualcomm sites and resources. Qualcomm makes no representations, warranties, or other commitments whatsoever about any non-Qualcomm sites or third-party resources that may be referenced, accessible from, or linked to this site.