Android Recoverable Keystore

  1. ANDROID RECOVERABLE KEYSTORE
     Nikolay Elenkov, Dec 2019
  2. AGENDA
     • ANDROID KEYSTORE
     • RECOVERABLE KEYSTORE
     • IMPLEMENTATION
     • WHO USES IT?
     • SUMMARY
  3. ANDROID KEYSTORE QUICK INTRO
     • PROTECTS KEYS WITH HARDWARE
     • IMPLEMENTED USING TEE OR HARDWARE (TITAN CHIP ON PIXELS)
     • KEYS ARE NOT EXPORTABLE
     • INTEGRATES WITH LOCK SCREEN AND BIOMETRICS
     • KEYS MIGHT REQUIRE AUTHENTICATION TO USE
     • PROVIDES KEY ATTESTATION
     • VERIFIABLE INFO ABOUT DEVICE THAT GENERATED KEY
  4. KEYSTORE IMPLEMENTATION
     Source: https://source.android.com/security/authentication/
  5. RECOVERABLE KEYSTORE?
     • RECOVERABLE == EXPORTABLE?
     • IS THIS SAFE?
     • WHY IS IT NEEDED?
  6. BRIEF SPECS
     • ONLY SYMMETRIC KEYS ARE SUPPORTED (AES)
     • LOCAL KEYS ARE WRAPPED USING AES-GCM PLATFORM KEY
     • KEYSTORE SNAPSHOTS ENCRYPTED WITH CLOUD PUBLIC KEY AND KEY BASED ON PIN
     • AKA: ‘LOCK SCREEN KNOWLEDGE FACTOR’ (LSKF)
     • ONLY SYSTEM APPS CAN GENERATE AND RESTORE RECOVERABLE KEYS
     • REQUIRES RECOVER_KEYSTORE (SYSTEM|PRIVILEGED) PERMISSION
     • KEYS ARE BACKED UP TO GOOGLE CLOUD KEY VAULT SERVICE (CKV)
     • https://developer.android.com/about/versions/pie/security/ckv-whitepaper
  7. RECOVERABLE KEY GENERATION
  8. RECOVERABLE KEYSTORE INITIALIZATION
  9. RECOVERABLE KEYSTORE SNAPSHOT
  10. CRYPTO DETAILS -- SECURE BOX
     • byte[] SecureBox.encrypt(theirPublicKey, sharedSecret, header, payload)
     • byte[] SecureBox.decrypt(ourPrivateKey, sharedSecret, header, encryptedPayload)
     • Key agreement: ECDH with NIST P-256/secp256r1
     • Key derivation: HKDF
     • Encryption: AES-GCM

     ```java
     byte[] randNonce = genRandomNonce();
     byte[] keyingMaterial = concat(dhSecret, sharedSecret);
     SecretKey encryptionKey = hkdfDeriveKey(keyingMaterial, HKDF_SALT, hkdfInfo);
     byte[] ciphertext = aesGcmEncrypt(encryptionKey, randNonce, payload, header);
     ```
  11. USERS OF RECOVERABLE KEYSTORE
     • CURRENTLY ONLY GOOGLE PLAY SERVICE (GMS)
     • HAS RECOVER_KEYSTORE PERMISSION
     • CAN KICK OFF KEYSTORE SNAPSHOT AND RECOVERY
     • GMS.AUTH.FOLSOM.START_RECOVERY
     • ACTION.RECOVERABLE_KEYSTORE_SNAPSHOT
     • PACKAGE COM.GOOGLE.ANDROID.GMS.AUTH.FOLSOM/*
     • FOLSOMGCMTASKCHIMERASERVICE
     • FOLSOMPUBLICKEYUPDATESERVICE
     • FOLSOMMODULEINITINTENTOPERATION
     • KEYSYNCINTENTOPERATION
     • KEYRECOVERYINTENTOPERATION
  12. SUMMARY
     • ANDROID 9-10 HAVE RECOVERABLE KEYSTORE PROTECTED BY LOCKSCREEN PIN
     • CAN BE MIGRATED TO NEW DEVICE
     • LINKED TO GOOGLE ACCOUNT
     • ONLY SYMMETRIC KEYS SUPPORTED ATM
     • GOOGLE PLAY SERVICES ACTS AS A RECOVERY AGENT
     • RECOVERABLE KEY ALLOWS SECURE RECOVERY OF ARBITRARY DATA
     • FULL DEVICE BACKUP, ETC.
  13. REFERENCES
     • INSIDER ATTACK RESISTANCE IN THE ANDROID ECOSYSTEM, ENIGMA 2019
     • https://security.googleblog.com/2018/10/google-and-android-have-your-back-by.html
     • https://developer.android.com/guide/topics/data/backup
     • https://www.nccgroup.trust/us/our-research/android-cloud-backuprestore/
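The SecureBox construction from slide 10 (ECDH on P-256, HKDF over `concat(dhSecret, sharedSecret)`, AES-GCM with the header as associated data), as an added Python sketch that is not code from the slides or from Android. It uses the third-party `cryptography` package; the HKDF salt and info values, the 128-bit key length, the 12-byte nonce, the output layout and the `try_decrypt` helper are assumptions made for illustration.

```python
import os
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.kdf.hkdf import HKDF

# Constructed placeholders; the platform's real salt/info values are not on the slide.
HKDF_SALT, HKDF_INFO = b"EXAMPLE-SALT", b"EXAMPLE-INFO"
PUB_LEN, NONCE_LEN = 65, 12  # uncompressed P-256 point, AES-GCM nonce (assumed sizes)


def _derive_key(our_private, their_public, shared_secret):
    dh_secret = our_private.exchange(ec.ECDH(), their_public)
    hkdf = HKDF(algorithm=hashes.SHA256(), length=16, salt=HKDF_SALT, info=HKDF_INFO)
    return hkdf.derive(dh_secret + shared_secret)  # concat(dhSecret, sharedSecret)


def encrypt(their_public, shared_secret, header, payload):
    """Assumed layout: ephemeral public key || nonce || ciphertext+tag."""
    ephemeral = ec.generate_private_key(ec.SECP256R1())  # fresh sender key per message
    nonce = os.urandom(NONCE_LEN)
    key = _derive_key(ephemeral, their_public, shared_secret)
    pub = ephemeral.public_key().public_bytes(
        serialization.Encoding.X962, serialization.PublicFormat.UncompressedPoint)
    return pub + nonce + AESGCM(key).encrypt(nonce, payload, header)  # header is AAD


def decrypt(our_private, shared_secret, header, box):
    if len(box) < PUB_LEN + NONCE_LEN + 16:
        raise ValueError("box too short")
    sender_public = ec.EllipticCurvePublicKey.from_encoded_point(ec.SECP256R1(), box[:PUB_LEN])
    nonce = box[PUB_LEN:PUB_LEN + NONCE_LEN]
    key = _derive_key(our_private, sender_public, shared_secret)
    return AESGCM(key).decrypt(nonce, box[PUB_LEN + NONCE_LEN:], header)  # raises InvalidTag


def try_decrypt(our_private, shared_secret, header, box):
    """Return the payload, or None when any input fails authentication."""
    try:
        return decrypt(our_private, shared_secret, header, box)
    except (InvalidTag, ValueError):
        return None


if __name__ == "__main__":
    vault = ec.generate_private_key(ec.SECP256R1())  # stand-in recipient key pair
    box = encrypt(vault.public_key(), b"constructed-secret", b"hdr", b"key material")
    print(try_decrypt(vault, b"constructed-secret", b"hdr", box))
    print(try_decrypt(vault, b"wrong-secret", b"hdr", box))
```

Decryption succeeds only when the recipient private key, the shared secret and the header all match what the sender used; a mismatch in any one of them changes the derived key or the authenticated data and the GCM tag check fails.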