3. Digital signature algorithms

[rakhirhif8963]

Description of the OTrP protocol

The OTrP protocol describes the rules by which messages between TSM and TEE are formed. They must comply with the JSON standard and ensure secure remote control of commands in TA applications.

The messages created can be used for:

— certification of devices and control of their integrity by TSM, as well as to confirm the establishment of trust relationships for the devices themselves;

- secure domain management for running trusted applications;

— data exchange between elements in the built network. OTrP acts as a top-level protocol; to process messages according to the rules of service of the current communication stack, it will be necessary to add your own support mechanism.

When developing the OTrP protocol, the JSON standards imposed on the rules for composing messages and the requirements of the RFC security regulations were taken into account:

1. Rules for the design of digital signatures and encryption in the JSON standard:

— RFC 7515, JSON Web Signature (JWS) — rules for creating a digital signature on the Web;

- RFC 7516, JSON Web Encryption (JWE) - encryption rules on the Web;

— RFC 7517, JSON Web Key (JWK) — rules for formatting keys on the Web;

— RFC 7518, JSON Web Algorithms (JWA) — Cryptographic Algorithms for the Web.

2. Encryption algorithms:

— A128CBC-HS256;

— A256CBC-HS512.


— RS256 (RSA 2048-bit key) — RSA encryption malta mobile database on a 2048-bit key;

— ES256 (ECC P-256)

Additional security measures can also be created by checking the validity of sender certificates, verifying the digital signature on the sender's side, and encryption to prevent data from being compromised during transmission.

Examples of OTrP application