Abstract: Systems and methods of generating a software module, including: receiving a cryptographic key identification (ID) and a cryptographic operation type from at least one executable program, generating a software module configured to perform the cryptographic operation with a cryptographic key, sending the software module to the at least one executable program, and performing the operation having the cryptographic operation type with the software module, wherein the software module is generated based on at least one of: a transformation of the cryptographic key corresponding to the received cryptographic key ID, and the received cryptographic operation.
Abstract: Systems and methods of verifying runtime integrity with a trusted execution environment (TEE) may include generating, by a processor in communication with the TEE, a secure communication channel between the TEE and at least one executable program attempting to communicate with the TEE, providing, by the processor, a moving target defense (MTD) module to the at least one executable program via the generated secure communication channel, wherein the MTD module comprises disposable polymorphic code, sending over the secured communication channel, by the processor: data, received from the at least one executable program, and a transformed runtime digest of the at least one executable program, and allowing, by the processor, communication with the TEE when the validity of the transformed runtime digest of the corresponding at least one executable program is verified.