DD/MM/YYYY Name Surname, job title Title of the talk Support for HSM-like capabilities in Android January 6th, 2020 HOW TO BETTER SECURE ENCRYPTION AND SIGNING KEYS, OR
interfaces and operations ◦ Cryptographic key storage (creation and import) ◦ Cryptographic key usage (encryption, singing, attestation) ◦ Cryptographic key restrictions (device state, user biometrics) ◦ Cryptographic key protection (against tampering, rollbacks) ◦ Cryptographic destruction (by expiration, by tampering) • Less costly to develop for. More costly to attack. ◦ Security provided and vetted by a 3rd party Benefits of HSM 03
• Micro-SD card HSMs • Google’s Titan M chip in Google Pixel devices • Android’s Trusty TEE (Trusted Execution Environment) hardware • Google’s Cloud HSM service • Rackable HSM boxes for servers to secure certificate authorities’ (CAs) root keys • ~ Google Titan Security Key • ~ A bank “PIN calculator” Examples of HSM 04
18 No key store available • API >= 18 Key store provides asymmetric key pairs. For signing and verification. • API >= 23 Key store provides symmetric keys. Supports AES and HMAC. Allows for an advanced access control system for keys. • API >= 24 Key store provides key attestation and version binding. • API >= 26 Key store provides device ID attestation. • API >= 28 Key store allows to import encrypted keys in ASN.1. API LEVELS - SOFTWARE SIDE OF THE COIN 08
& 0.3 (API >= 18) Only software (op sys level protection) Keymaster supported • Keymaster 1 (API >= 23) Trusty TEE (Trusted Execution Environment) Keymaster hardware supported. If included by the device manufacturer, software based Keymaster otherwise. • Keymaster 4 (API >= 28) StrongBox Keymaster hardware supported. And previous two options, depending on the hardware manufacturer. KEYMASTER VERSION - HARDWARE SIDE OF THE COIN 09
HARDWARE SIDE OF THE COIN - VOL 2 010 (API >= 23) Trusty TEE keymaster (API >= 28) StrongBox Keymaster “Separate smart chip on-board” • Runs in parallel on the same main CPU and memory as Android OS. • Isolated from the rest of the system by additional security measures. • Has embedded root trust keys. • Only runs trusted (signed) applications. “Computer within a computer” • Its own CPU. • Its own secure storage. • Its own true random-number generator. • Has embedded root trust keys. • Only runs trusted (signed) applications. • Additional mechanisms to resist package tampering and unauthorized sideloading of apps.
3 API 29 2. Google Pixel 3a API 29 3. OnePlus OnePlus 6T API 29 Samsung? - One would hope, but no, not yet. Should have secure hardware, hopefully will support official standards soon. SO, STRONGBOX KEYMASTER SUPPORT? 012
harri35
soudai
nwiizo
ewolff
shift_evolve
kzykmyzw
satoshiimai
kzkmaeda
sansantech
yuhattor
hanon52_
tsuemura
.png){kind=avatar}
customercloud
quramy
notwaldorf
moore
smashingmag
sugarenia
jonrohan
keavy
aarron
keithpitt
tammyeverts
eileencodes
marktimemedia
