On Wednesday, October 3, 2018 at 2:01:28 PM UTC-6, Brian Carlstrom wrote: > > You might want to look at the "SafetyNet Attestation API" for signals > on compromised devices: > > https://developer.android.com/training/safetynet/attestation > > obviously nothing is perfect once the platform is compromised. >
Just to clarify, compromising the platform does not compromise the integrity of fingerprint authentication or the binding of keys to authentication. All of that is done in the Trusted Execution Environment (TEE). Given that the TEE has a much, much smaller attack surface than the platform, it should be correspondingly harder for an attacker to break. TEE implementations should also receive more scrutiny than the platform since they're both more critical to device security and smaller. On the other hand, they're also mostly closed source which tends to deter (but not prevent) vulnerability research. > > -bri > > On Tue, Oct 2, 2018 at 5:38 PM Ashish Bhatia <ashishb...@gmail.com > <javascript:>> wrote: > >> >> >> Ashish >> Consider this scenario >> >> 1. Android platform on the phone is trustworthy >> 2. Secure Element is available to store the key in the hardware >> 3. App A puts the key in the hardware with the fingerprint >> authentication requirement >> >> <https://developer.android.com/training/articles/keystore#UserAuthentication> >> 4. Android platform gets compromised >> 5. An attacker cannot extract the key from the Secure Element >> >> In this case, can an attacker make the key in Secure Element sign >> anything without user interaction? Or, in other words, where is the >> fingerprint authentication constraint being verified? Does that happen in >> the compromised Android platform image? >> >> Regards, >> Ashish >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Android Security Discussions" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to android-security-discuss+unsubscr...@googlegroups.com >> <javascript:>. >> Visit this group at >> https://groups.google.com/group/android-security-discuss. >> For more options, visit https://groups.google.com/d/optout. >> > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-security-discuss+unsubscr...@googlegroups.com. Visit this group at https://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/d/optout.
