Wipe and rotate hardware-backed keys rather than data:
reddit.com/r/GrapheneOS/c
Factory reset or profile deletion is the right way to prevent future access to data. Clearing app data or uninstalling works on a per-app basis if the app encrypts data with the keystore like Signal.
Conversation
How do you reliably erase an app-specific hardware-backed key without blowing away the entire profile? Don't they just get wrapped with a long-lived key and then stored in normal flash?
1
> How do you reliably erase an app-specific hardware-backed key without blowing away the entire profile?
As stated in the comment, the app can reliably delete hardware-backed keys. Clearing the app data or uninstalling the app will also reliably delete hardware-backed keys too.
1
1
2
> Don't they just get wrapped with a long-lived key and then stored in normal flash?
No, that's not at all how the StrongBox keystore works and it's an oversimplication of the traditional TEE-based keystore. Rollback resistance is a standard feature.
StrongBox keeps keys within a dedicated secure element. From my perspective, the TEE keystore is legacy compatibility cruft, and I don't need to be concerned with devices without StrongBox support for much longer. Pixel 2 and 2 XL are legacy targets for GrapheneOS at this point.
1
1
3
"Pixel 2 and 2 XL are legacy targets for GrapheneOS at this point."
😭 (fine, I'll just get a new phone... grumble grumble)
Unfortunately, that's not true. Rollback resistance is optional for StrongBox Keymaster, just like TEE. Titan M's StrongBox Keymaster does not implement rollback resistance. This is an area I'm working to improve -- along with increasing the number of devices with StrongBox.
1
1
I didn't mean in the context of StrongBox but rather that Qualcomm implements it on all the devices GrapheneOS has supported or is likely to support. StrongBox stores the keys internally so while rollback resistance would be useful for tamper resistance, it's not as important.
1
Show replies