Android Recoverable Keystore LT

1. ANDROID RECOVERABLE
KEYSTORE
Nikolay Elenkov
Dec 2019

2. AGENDA
• ANDROID KEYSTORE
• RECOVERABLE KEYSTORE
• IMPLEMENTATION
• WHO USES IT?
• SUMMARY
1

3. ANDROID KEYSTORE QUICK INTRO
• PROTECTS KEYS WITH HARDWARE
• IMPLEMENTED USING TEE OR HARDWARE (TITAN CHIP ON PIXELS)
• KEYS ARE NOT EXPORTABLE
• INTEGRATES WITH LOCK SCREEN AND BIOMETRICS
• KEYS MIGHT REQUIRE AUTHENTICATION TO USE
• PROVIDES KEY ATTESTATION
• VERIFIABLE INFO ABOUT DEVICE THAT GENERATED KEY
2

4. KEYSTORE IMPLEMENTATION
Source: https://source.android.com/security/authentication/
3

5. RECOVERABLE KEYSTORE?
• RECOVERABLE == EXPORTABLE?
• IS THIS SAFE?
• WHY IS IT NEEDED?
•
4

6. BRIEF SPECS
• ONLY SYMMETRIC KEYS ARE SUPPORTED (AES)
• LOCAL KEYS ARE WRAPPED USING AES-GCM PLATFORM KEY
• KEYSTORE SNAPSHOTS ENCRYPTED WITH CLOUD PUBLIC KEY AND KEY BASED ON PIN
• AKA: ‘LOCK SCREEN KNOWLEDGE FACTOR’ (LSKF)
• ONLY SYSTEM APPS CAN GENERATE AND RESTORE RECOVERABLE KEYS
• REQUIRES RECOVER_KEYSTORE (SYSTEM|PRIVILEGED) PERMISSION
• KEYS ARE BACKED UP TO GOOGLE CLOUD KEY VAULT SERVICE (CKV)
• HTTPS://DEVELOPER.ANDROID.COM/ABOUT/VERSIONS/PIE/SECURITY/CKV-WHITEPAPER
5

7. RECOVERABLE KEY GENERATION
6

8. RECOVERABLE KEYSTORE INITIALIZATION
7

9. RECOVERABLE KEYSTORE SNAPSHOT
8

10. CRYPTO DETAILS -- SECURE BOX
• byte[] SecureBox.encrypt(theirPublicKey,sharedSecret, header,payload)
• byte[] SecureBox.decrypt(ourPrivateKey, sharedSecret, header, encryptedPayload)
• Key agreement: ECDH with NIST P-256/secp256r1
• Key derivation: HKDF
• Encryption: AES-GCM
byte[] randNonce = genRandomNonce();
byte[] keyingMaterial = concat(dhSecret, sharedSecret);
SecretKey encryptionKey = hkdfDeriveKey(keyingMaterial, HKDF_SALT, hkdfInfo);
byte[] ciphertext = aesGcmEncrypt(encryptionKey, randNonce, payload, header);
9

11. USERS OF RECOVERABLE KEYSTORE
• CURRENTLY ONLY GOOGLE PLAY SERVICE (GMS)
• HAS RECOVER_KEYSTORE PERMISSION
• CAN KICK OFF KEYSTORE SNAPSHOT AND RECOVERY
• GMS.AUTH.FOLSOM.START_RECOVERY
• ACTION.RECOVERABLE_KEYSTORE_SNAPSHOT
• PACKAGE COM.GOOGLE.ANDROID.GMS.AUTH.FOLSOM/*
• FOLSOMGCMTASKCHIMERASERVICE
• FOLSOMPUBLICKEYUPDATESERVICE
• FOLSOMMODULEINITINTENTOPERATION
• KEYSYNCINTENTOPERATION
• KEYRECOVERYINTENTOPERATION 10

12. SUMMARY
• ANDROID 9-10 HAVE RECOVERABLE KEYSTORE PROTECTED BY LOCKSCREEN PIN
• CAN BE MIGRATED TO NEW DEVICE
• LINKED TO GOOGLE ACCOUNT
• ONLY SYMMETRIC KEYS SUPPORTED ATM
• GOOGLE PLAY SERVICES ACTS AS A RECOVERY AGENT
• RECOVERABLE KEY ALLOWS SECURE RECOVERY OF ARBITRARY DATA
• FULL DEVICE BACKUP, ETC.
11

13. REFERENCES
• INSIDER ATTACK RESISTANCE IN THE ANDROID ECOSYSTEM, ENIGMA 2019
• HTTPS://SECURITY.GOOGLEBLOG.COM/2018/10/GOOGLE-AND-ANDROID-HAVE-YOUR-BACK-BY.HTML
• HTTPS://DEVELOPER.ANDROID.COM/GUIDE/TOPICS/DATA/BACKUP
• HTTPS://WWW.NCCGROUP.TRUST/US/OUR-RESEARCH/ANDROID-CLOUD-BACKUPRESTORE/
12