Institutional Repository
Technical University of Crete
EN  |  EL



My Space

Andromeda: enabling secure enclaves for the Android ecosystem

Deyannis Dimitris, Karnikis Dimitris, Vasiliadis Giorgos, Ioannidis Sotirios

Full record

Year 2021
Type of Item Conference Publication
Bibliographic Citation D. Deyannis, D. Karnikis, G. Vasiliadis and S. Ioannidis, “Andromeda: enabling secure enclaves for the Android ecosystem,” in Information Security, Lecture Notes in Computer Science, J.K. Liu, S. Katsikas, W. Meng, W. Susilo, R. Intan, Eds., Cham, Switzerland: Springer Nature, 2021, pp. 195–217, doi: 10.1007/978-3-030-91356-4_11.
Appears in Collections


The Android OS is currently used in a plethora of devices that play a core part of our everyday life, such as mobile phones, tablets, smart home appliances, entertainment systems and embedded devices. The majority of these devices typically process and store a vast amount of security-critical and privacy-sensitive data, including personal contacts, financial accounts and high-profile enterprise assets. The importance of these data makes these devices valuable attack targets.In this paper we propose Andromeda, a framework that provides secure enclaves for Android OS to mitigate attacks that target sensitive or critical code, data and communication channels. Andromeda offers the first SGX interface for Android OS (to the best of our knowledge), as well as services that enhance its security and offer protection schemes for several applications that deal with sensitive or secret data. Andromeda is also able to securely execute SGX-enabled code on behalf of external devices that are not equipped with SGX-capable CPUs. Moreover, Andromeda protects cryptographic keys from memory dump attacks with less than 16% overhead on the corresponding cryptographic operations and provides secure, end-to-end encrypted, communication and computation channels for external devices paired with the Android device.