10

Inspired by this question (and more specifically, this answer to the same):

When a passphrase is used, the encryption key is not stored directly in the device. [...]

When using biometrics, each reading differs, so no unique value can be used to derive a KEK. The encryption key must be stored somewhere in the device and accessible without a KEK derived from some data provided by the user.

I can unlock my phone using fingerprints or a passphrase. Assuming the fingerprint reader itself cannot be spoofed (which I know is false, but the point is to ignore that attack vector for the purposes of this question), is this configuration as insecure as having no passphrase, as a naïve reading of the above would seem to imply?

To clarify: I suspect the above is talking about using only biometrics as the unlock token. In actuality, if my device has been powered completely off (or after a timeout), biometric authentication is disabled and the passphrase must be used. This suggests that a sensible implementation is to not store the "raw" key in non-volatile memory, but only in volatile memory after the device has been unlocked using the passphrase in order to facilitate biometric authentication. Once that volatile memory goes away, the device is equally secure as if biometrics were not in use.

Does anyone know if Android security is actually implemented in this manner?

Matthew
  • 423
  • 2
  • 8
  • 2
    According to android documentation, data is encrypted with a key derived from pin or password: For data that should be encrypted with a key associated with user credentials, such as a PIN or password, use credential encrypted storage. Credential encrypted storage is only available after the user has successfully unlocked the device, up until when the user restarts the device again. (https://developer.android.com/training/articles/direct-boot) – b4da Nov 09 '21 at 16:37
  • 3
    "I suspect the above is talking about using only biometrics as the unlock token" Yes. – A. Hersean Nov 09 '21 at 16:56
  • And, you cannot remove your fingerprint immediately ( e.g. during interrogation), however, you can forget your password. – kelalaka Nov 09 '21 at 19:05
  • @kelalaka Although, depending on how intense the interrogation is, it might actually be more reliable to destroy your fingerprint with a sharp object than to try to forget your password well enough to resist sustained torture...not that anyone whose information is _that_ valuable would be reading this lol – Radvylf Programs Nov 10 '21 at 02:57

1 Answers1

10

Yes. Biometric authentication is not cryptographically bound to File Based Encyption (FBE). It only works in After First Unlock (AFU) state in which FBE keys are already decrypted. In AFU state, the processor's Trusted Execution Environment (TEE) reencrypts FBE keys using a Ephemeral Key (EK). EK remains inside TEE and is valid until next reboot. Reencrypted FBE keys are then cached in vold and the Linux kernel keyring.

When the Linux kernel requires this key to read or write a file, it calls TEE which decrypts the cached FBE keys, derives a 64-byte AES-256-XTS key, and programs it in into the Inline Crypto Engine (ICE). Biometric authentication at locked screen only prevents access to device features and apps that require screen to be unlocked. However, password managers (or in-app biometric authentication in general) cryptographically bind successful result of biometric authentication with key decryption.

Apps can ask TEE to decrypt their keys and token only when biometric authentication is successful. Biometric verification is done by vendor library inside TEE and biometric sensor is connected with TEE using SPI channel. Even with fake sensor, the authentication result is still upto TEE to decide. The sensor only sends the data. But biometrics can be spoofed so it's not a primary way of authenticating the user. Android fallsback to Lock Screen Knowledge Factor (LSKF) after every 72 hours or after every 3 consecutive failed biometric authentication (whichever happens first).

Connection between PIN/password and encryption keys in Android

File Based Encryption

Qualcomm File Based Encryption (pdf)

Heinzi
  • 2,914
  • 2
  • 21
  • 25
defalt
  • 6,231
  • 2
  • 22
  • 37
  • Heh. And of course this would apply to Trusted Devices/Locations, also, which I'd forgotten about when writing the question (e.g. how I can play music or use Android Auto without unlocking my phone...). I guess that means even with *only* passphrase authentication, the device remains in "partly unlocked" state after boot? – Matthew Nov 09 '21 at 16:46
  • 1
    Once it is in after first unlock state, there's no going back. FBE keys are decrypted and remain cryptographically unbound to LSKF until next reboot. – defalt Nov 09 '21 at 16:50