5/16/2023 0 Comments Strongbox key teraWhenever a developer wants to perform a cryptographic operation it will use the KeyStore API that will forward the operation request to the TEE which will perform the actual crypto operation inside the TEE. Cryptographic keys are generated and stored in the Trusty kernel and only lives in plaintext in the Trusty kernel. Communication with the Trusty TEE is done over a strictly defined API interface (Trusty lib). The image above schematically shows how the Trusty kernel execution environment is completely separated from the Android OS. The Trusty kernel runs on the same processor as the Android OS, but is other than that completely separated from the rest of the system by both hardware and software. Structure of a TEEĪ common implementation of a hardware-backed keystore on older Android devices is typically done using a Trusted Execution Environment (TEE).Įxample of the Trusty Kernel by Android. Through KeyInfo.isInsideSecureHardware() a developer can check whether the device is storing key material using a pure software implementation or in the hardware-backed keystore. To further lockdown and securely handle cryptographic key material, hardware-backed keystores were implemented in Android Marshmallow (API Level 23). Since a pure software implementation of the Android KeyStore only protects against one threat model of a rogue third-party app, it does not protect against threat model B and C: a malicious actor with root privileges that can bypass any kernel security measure and separation of processes. Because it was only a software implementation, it solely protected against threat model A, because it was build into the Android system itself, it uses process separation and access control to ensure only the proper application has access to the key material, namely the application (or any other application that has the same UUID) that created and stored the keys in the first place. It was a pure software implementation that, through the Ke圜hain API, gave developers an easy to use container to store their keys. The Android KeyStore (AKS) system was first introduced in Android version 4.0 (codename Ice Cream Sandwich) but did not offer a lot of flexibility to the user. Moreover, it offers facilities to restrict when and how keys can be used, such as requiring user authentication for key use or restricting keys to be used only in certain cryptographic modes. Once keys are in the keystore, they can be used for cryptographic operations with the key material remaining non-exportable. The Android Keystore system lets you store cryptographic keys in a container to make it more difficult to extract from the device. A security baseline is only as strong as its weakest implementation. It is important to understand that a secure mobile architecture design protects against all these threat models. ![]() ![]() C) Malicious actor or app that has root access rights on the device, possibly through a kernel-level exploit.B) Malicious actor that gets access to a device after physically stealing it, it would give him hardware access to the device, possibly dumping memory or other information on the device.A) Another third party app on the device, that does not have any root permissions.Specifically we want to protect cryptographic key material against: ![]() In security we talk about threat models to understand what the different types of attacks are. Threat Modelīefore we are going to learn how we need to secure cryptographic key material, it is necessary to know what we are protecting it against. This post focuses on discussing the second requirement and how this is achieved in Android devices running different versions of the OS. Aside from using a strong cryptographic algorithm, they will need to make sure that 1) cryptographic keys are generated in a secure way and 2) these keys are distributed and stored in a secure way. Strong cryptographic systems have a couple of requirements which they need to meet to ensure a decent security baseline. The security measures in Android evolve with every new update, this is especially the case for the API that is responsible for handling cryptographic key material. ![]() Cryptographic Key Handling in Android: from software to StrongBox and everything in between
0 Comments
Leave a Reply. |