A special mode of operation of a CPU that guarantees execution of code in a protected way with respect to confidentiality and integrity.
It is often used to run code that has a high degree of confidentiality, such as code related to DRM content decryption and playback, to minimize the risk of content decryption keys or device certificates being compromised.
Mobile devices that host a Content Decryption Module for PlayReady SL3000 or Widevine Level 1 run the most sensitive parts of code within a TEE.
Is code running within a TEE resilient to key lifting attacks?
Yes.
