iOS and Android both support apps opting into keeping their data at rest while locked after first unlock. iOS makes this easier via dedicated data classes.
However, you would be very wrong if you assumed that meant this was better in the iOS ecosystem than the Android ecosystem.
I believe you are talking about keyguard-bound keys in Android. They don't seem to be equivalent to data class keys in iOS. Keyguard-bound keys are enforced by the OS, and the key remains in memory to encrypt incoming data, while decryption is possible only when the screen is unlocked.
This is because TEE has no way to know when the screen is locked. This doesn't prevent post-AFU attacks because if the OS is compromised, so will be the key.
TEE/HSM are fully aware of when the screen is locked and receive an auth token on unlock.
There are two implementations of the hardware keystore on Android. The TEE implementation is the older one. StrongBox HSM is a more secure implementation available since the Pixel 3 and later.
"It is worth noting that keyguard binding is enforced by the operating system, not the secure hardware. This is because the secure hardware has no way to know when the screen is locked."
Is this not the case anymore with StrongBox?
What that means is the OS tells the hardware keystore when the profile is locked. It doesn't mean that the key becomes available again without passing a valid auth token to the keystore. They're contrasting with a timeout enforced by the hardware keystore internally.
If the OS is compromised, it can choose not to inform the hardware keystore that the device is locked and it won't ever become unavailable for use.
It's up to the keystore to store keys that have the authentication features enabled in encrypted form, and to decrypt them with the auth token.
They're not far from being the same feature: one is just based on putting them back at rest with a timeout (requiring a way to authenticate again without unlocking) and the other is simpler and based on the device being locked. You can use both features at the same time if you want.
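As an added example (not code from the thread or from either participant), the two Android Keystore features the last reply contrasts, set on a single AES key: `setUnlockedDeviceRequired` for keyguard binding and `setUserAuthenticationParameters` for the keystore-enforced timeout, with StrongBox preferred and the TEE keystore as fallback. The alias, the 5-minute timeout, and the assumption that a locked-device refusal surfaces as an `InvalidKeyException` from `Cipher.init` are mine.

```java
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProperties;
import android.security.keystore.StrongBoxUnavailableException;
import android.security.keystore.UserNotAuthenticatedException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.GCMParameterSpec;

// Added example, not code from the thread. Alias and timeout are illustrative values.
public final class LockedAtRestKey {
    static final String ALIAS = "app_data_key";   // hypothetical key alias
    static final int AUTH_TIMEOUT_SECONDS = 300;  // hypothetical re-auth window

    static void generate() throws Exception {
        KeyGenParameterSpec.Builder b = new KeyGenParameterSpec.Builder(
                ALIAS, KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
            .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
            .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
            .setKeySize(256)
            // Keyguard binding: OS reports lock state; keystore withholds the key until an unlock auth token arrives.
            .setUnlockedDeviceRequired(true)
            // Timeout binding: keystore checks the auth token's age itself, so re-auth is needed after the window.
            .setUserAuthenticationRequired(true)
            .setUserAuthenticationParameters(AUTH_TIMEOUT_SECONDS,
                KeyProperties.AUTH_DEVICE_CREDENTIAL | KeyProperties.AUTH_BIOMETRIC_STRONG);
        KeyGenerator kg = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore");
        try {
            kg.init(b.setIsStrongBoxBacked(true).build());   // prefer the StrongBox HSM (Pixel 3 and later)
        } catch (StrongBoxUnavailableException e) {
            kg.init(b.setIsStrongBoxBacked(false).build());  // fall back to the TEE keystore
        }
        kg.generateKey();  // key material never leaves the secure hardware
    }

    /** Returns null when the keystore withholds the key: re-authentication or an unlock is needed first. */
    static byte[] decrypt(byte[] iv, byte[] ciphertext) throws Exception {
        KeyStore ks = KeyStore.getInstance("AndroidKeyStore");
        ks.load(null);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        try {
            c.init(Cipher.DECRYPT_MODE, ks.getKey(ALIAS, null), new GCMParameterSpec(128, iv));
        } catch (UserNotAuthenticatedException e) {
            return null;  // auth window expired: prompt for biometric/device credential, then retry
        } catch (InvalidKeyException e) {
            return null;  // assumed here: device-locked refusal also surfaces from init(); retry after unlock
        }
        return c.doFinal(ciphertext);
    }
}
```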