[jope28]

This story How to crack Android encryption on millions of smartphones | ZDNet is saying that Android devices using Snapdragon processors can have encryption cracked.

Is the additional security added by BlackBerry to the Priv protecting it?

Attachment 403240

 Passport/SQW100-3 .2876 CB10 

[conite]

These things are so complicated, it's hard to tell.

[Uzi]

Interesting for sure

[LazyEvul]

Edit: The Priv isn't currently vulnerable if you have the latest updates - the May security update included a fix to the TrustZone vulnerability, and the phone has downgrade protection built-in. This still doesn't address the underlying issue with Android's Full Device Encryption, but a new TrustZone vulnerability will have to be found to exploit it on an up-to-date Priv.

It's quite likely that the Priv is vulnerable to this issue - the issues at hand are out of BlackBerry's control. I read through the researcher's findings last night, and here's what's going on. The encryption key created by Qualcomm CPUs is not directly bound to hardware - it's instead bound to a key derived from the hardware key. Apparently that hardware key is necessary for other purposes (generating keys for other uses, maybe?), and using the key directly would break those usage cases. Because it's not bound to hardware, this means the encryption key can be extracted through software.

You could patch the CPU firmware to eliminate the TrustZone vulnerabilities that make it possible to extract keys in the first place, and I'd expect Qualcomm to do so, but it will still be susceptible to downgrade attacks (new hardware could fix this, but that's not helpful to current device owners).

There's also a problem with how encryption works on Android - when making a request to the "KeyMaster" (the secure module that generates encryption keys without revealing them to the OS), it does not differentiate between Full Device Encryption and other usage cases. So currently, fixing this vulnerability could break requests for encryption keys made by apps or other portions of the operating system.

In other words, this won't be fixed for a while. Qualcomm will certainly fix the TrustZone to make this harder, but to use the hardware key directly in the encryption process will probably require Google to ease app developers into changes made to the KeyMaster and get OEMs to deliver the software updates with those changes.

In fact, realistically speaking, I suspect that most, if not all, existing Android devices will remain forever vulnerable to this. Delivering these fixes is going to be an enormous undertaking, and the Android ecosystem has proven consistently bad at this. It's far easier for Google and Qualcomm to work together on fixing this in future devices.

[thurask]

According to The Register:

So... is it patched?
Beniamini exploited a chain of security bugs to infiltrate KeyMaster – bugs that have since been patched in the source code: one in January and the other in May.

If you're running a Nexus device or otherwise have received and installed the fixes from Google and Qualcomm, then you're safe until the next privilege escalation bugs are found (and there will be more. There always is). Without these programming flaws, you cannot leap from userspace to the kernel to QSEE to KeyMaster.

However, there's a large pool of unpatched Android handsets out there because it's down to the manufacturers and mobile carriers to test, validate and distribute updates to their customers. People's phones and tablets won't trust patches unless they've been signed off by their manufacturers, and Android hardware makers are notoriously slow to do so. That leaves folks with holes in their handhelds' operating system.

A lot of the time, Google can quietly push out patches via Google Play services: the software can install fixes directly from the mothership, bypassing tardy hardware makers. However, problems deep within Android and its drivers – such as the bugs exploited to crack the KeyMaster – cannot be fixed by the Play services, and must be fixed via updates obtained from the manufacturer. When they finally appear, of course.

Even if you are patched, this issue isn't going to go away, Beniamini said, because the way the Qualcomm TrustZone operates means that if another privilege escalation hole is found it can be used in the same way.

"If anyone finds another TrustZone bug in the KeyMaster module, or manages to elevate privileges to the TrustZone kernel, they'd be able to extract the KeyMaster keys again," he said. "This is really the sore point of it all – it means that the FDE scheme is only as strong as the TrustZone software."

I'm taking that to mean that this specific bug isn't present on an adequately-updated Priv (or Nexus for that matter), but I'm not sure if BB's other hardening has anything to do with future exploits.

[LazyEvul]

According to The Register:



I'm taking that to mean that this specific bug isn't present on an adequately-updated Priv (or Nexus for that matter), but I'm not sure if BB's other hardening has anything to do with future exploits.

Not much BlackBerry could have done here without breaking any apps/parts of Android that rely on the KeyMaster, so almost certainly not.

Also, I'd imagine that patched devices would still be vulnerable to downgrade attacks - at least that's what the researcher's report seems to suggest.

[thurask]

Not much BlackBerry could have done here without breaking any apps/parts of Android that rely on the KeyMaster, so almost certainly not.

Also, I'd imagine that patched devices would still be vulnerable to downgrade attacks - at least that's what the researcher's report seems to suggest.

BB's Priv security guide (PDF warning) says they block downgrading, though. They also mention changes to how their FDE works, although they're more marketing fluff than specifics.

[LazyEvul]

BB's Priv security guide (PDF warning) says they block downgrading, though. They also mention changes to how their FDE works, although they're more marketing fluff than specifics.

Fair point, that downgrade prevention should keep the Priv protected so long as no new TrustZone vulnerabilities are found. It sounds like the only substantive changes they made to FDE though was choosing FIPS140-2 compliant cipher suites, it's unlikely that they managed to pull off a change substantial enough to fix the core issue here without breaking anything.

[Ment]

For the average person this won't be an issue. You can't remotely execute this anyway at present. Not to say Android doesn't have security issues, it most certainly does but the attack surface for the average user is small. That's why every article like this has 'potential xyz phones' attached to it. PRIV with the May security update would nullify this.

[jope28]

For the average person this won't be an issue. You can't remotely execute this anyway at present. Not to say Android doesn't have security issues, it most certainly does but the attack surface for the average user is small. That's why every article like this has 'potential xyz phones' attached to it. PRIV with the May security update would nullify this.

What makes you say that "PRIV with the May security update would nullify this"?
When the linked article says that "Beniamini has also contacted Qualcomm concerning this issue but says that "fixing the issue is not simple" and might even require hardware changes".

Is that researcher exaggerating for media attention?


 Passport/SQW100-3 .2876 CB10 

[conite]

What makes you say that "PRIV with the May security update would nullify this"?
When the linked article says that "Beniamini has also contacted Qualcomm concerning this issue but says that "fixing the issue is not simple" and might even require hardware changes".

Is that researcher exaggerating for media attention?


 Passport/SQW100-3 .2876 CB10 

I think he meant that the current attack vector seems to be licked.

[LazyEvul]

What makes you say that "PRIV with the May security update would nullify this"?
When the linked article says that "Beniamini has also contacted Qualcomm concerning this issue but says that "fixing the issue is not simple" and might even require hardware changes".

Is that researcher exaggerating for media attention?


 Passport/SQW100-3 .2876 CB10 

What I think he's saying is that the May security update included a fix for the TrustZone. The researcher is correct because that still doesn't fix the underlying flaws in Android's Full Device Encryption, but the Priv won't be affected until another TrustZone vulnerability is found - especially since BlackBerry seems to have built-in downgrade protection.

Unfortunately, most Android devices are not necessarily so lucky as to have the latest security updates and downgrade protection - so there's still plenty of other Android users that are vulnerable.

[Ment]

Yes Beniamini who found this exploit gave it Google and a fix has been implemented in the May update under CVE-2016-2431 for which he got a credit. The underlying architectural vulnerability remains and it will probably be up to Qualcomm and Google to fix how TrustZone works with Android to prevent further exploits.

[ssbtech]

Please help me out here.
People who run Android devices are worried about security flaws? Why? You run a Google OS loaded with data-mining Google apps.

[conite]

Please help me out here.
People who run Android devices are worried about security flaws? Why? You run a Google OS loaded with data-mining Google apps.

The explicit partnership with Google (providing information for the purposes of targeted advertising in exchange for the use of a huge library of apps and services), is very different from other security issues that can compromise the integrity of the OS or provide information to unknown recipients.

[gizmo21]

Yes Beniamini who found this exploit gave it Google and a fix has been implemented in the May update under CVE-2016-2431 for which he got a credit. The underlying architectural vulnerability remains and it will probably be up to Qualcomm and Google to fix how TrustZone works with Android to prevent further exploits.

Please tell me if I'm right: this article says these two CVE-2015-6639 January and CVE-2016-2431 May patch those qualcomm Trustzone issues.

If I'm correct those two were NOT delivered by BB-sirt to the priv,as "may sec-level" doesn't mean all the same on all devices as the manufacturer can leave fixes out, which BB did with exactly those two Trustzone patches:
BlackBerry powered by Android Security Bulletin ? May 2016
BlackBerry powered by Android? Security Bulletin ? January 2016

So isn't PRIV vulnerable in first place (different appoarch to trustzone implementation at BB-Android) or did BB simply NOT fix those issues?

[Ment]

Please tell me if I'm right: this article says these two CVE-2015-6639 January and CVE-2016-2431 May patch those qualcomm Trustzone issues.

If I'm correct those two were NOT delivered by BB-sirt to the priv,as "may sec-level" doesn't mean all the same on all devices as the manufacturer can leave fixes out, which BB did with exactly those two Trustzone patches:
BlackBerry powered by Android Security Bulletin ? May 2016
BlackBerry powered by Android? Security Bulletin ? January 2016

So isn't PRIV vulnerable in first place (different appoarch to trustzone implementation at BB-Android) or did BB simply NOT fix those issues?

good research on your part. I can't say why those CVE aren't included. Blackberry says the FDE keys are kept in the BlackBerry Secure Compound and I don't know if thats just a branded name for TrustZone, some modification of it, or something developed wholly by Blackberry. It does appear that Blackberry does not consider the CVE to be critical to PRIV.

[LazyEvul]

good research on your part. I can't say why those CVE aren't included. Blackberry says the FDE keys are kept in the BlackBerry Secure Compound and I don't know if thats just a branded name for TrustZone, some modification of it, or something developed wholly by Blackberry. It does appear that Blackberry does not consider the CVE to be critical to PRIV.

My assumption was that they were just rebranding the TrustZone, but their security guide is so devoid of detail that it's hard to say. It would take a lot of substantial work and foresight on BlackBerry's part to create a custom implementation that mitigates these issues, but on the other hand, why exclude those patches?

Unless, of course, those patches break something in BlackBerry's custom version of Android? If I hadn't sold off my Priv I'd love to dig around and shed some light on this, but I can only speculate now.

[gizmo21]

So my linked article says Qualcomm is "only one of the hardware suppliers that made their own TrustZone-implementation", so perhaps it really could be that "BlackBerry Secure Compound" is just another implementation of the same type of software and therefore could not be vulnerable by this specific Qualcomm-issue. But again just speculation until BB explicitly tell us some details (which could be used for their security propaganda too ).