Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
use Qualcomm Crypto Engine HMAC with hardware-bound key as part of encryption key derivation #331
Comments
thestinger
added
the
Type: enhancement
label
Jul 5, 2016
thestinger
added
the
project
label
Jul 22, 2016
thestinger
removed
the
project
label
Aug 12, 2016
thestinger
added
far-future
upstream
labels
Dec 14, 2016
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
Show comment Hide comment
thestinger
Dec 14, 2016
Contributor
Have talked about this with the developer of Android's key derivation so they're aware of this option. It would be best if this happened upstream. It's out-of-scope for CopperheadOS without a substantially more sophisticated update server and enough employees to take care of migrating / testing a feature like this to new Android versions on extremely short notice.
|
Have talked about this with the developer of Android's key derivation so they're aware of this option. It would be best if this happened upstream. It's out-of-scope for CopperheadOS without a substantially more sophisticated update server and enough employees to take care of migrating / testing a feature like this to new Android versions on extremely short notice. |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
Show comment Hide comment
thestinger
Dec 14, 2016
Contributor
Also, it's best if this is done inside the TEE, but Google seems to want to focus on a hardware-independent option using the currently defined interfaces. They could do better for the Pixel though, and we hope that they do. Regardless, QCE works fine from outside TrustZone too.
|
Also, it's best if this is done inside the TEE, but Google seems to want to focus on a hardware-independent option using the currently defined interfaces. They could do better for the Pixel though, and we hope that they do. Regardless, QCE works fine from outside TrustZone too. |
thestinger commentedJul 5, 2016
•
edited
Edited 1 time
-
thestinger
edited Dec 16, 2016
The TEE-based mechanism is fundamentally flawed (the key is not hardware-bound, but rather stored in TEE, so a TEE exploit can retrieve it rather than the attacker only having the option of extracting it from hardware and a TEE exploit is probably the cheaper route) but it could be supplemented with another scrypt call incorporating key derivation via CE. Could implement HKDF based on the HMAC algorithm it exposes, using the hardware-bound key rather than supplying one. The TEE support via keymaster could simply be left in place. Ideally the entire key derivation would use a hardware accelerated KDF but using QCE for this might be too slow.
It's certainly possible to do this, but it would be unwise to do it right now since it wouldn't be possible to remove something like this if the maintenance burden became too high, or it ended up being difficult to rebase for an upgrade. CopperheadOS would need more resources to tackle issues like this. So right now, the most that can be done is waiting for Google and Qualcomm to put together a fix, which seems unlikely without new hardware being released, even though it's completely possible.