For Pixels, due to Weaver, the 2 most sensible choices are either a random 6 digit PIN (most people) or 7 random diceware words as a passphrase. Either you rely on the hardware security features or you don't.
Conversation
If you use a typical weak/mediocre passphrase, the TEE hardware bound key derivation helps if they can exploit secure element but cannot extract the hardware bound key. It depends on how well that's implemented, the delay per attempt (perhaps ~50ms) and your passphrase quality.
1
Also worth noting: TEE hardware bound key derivation has often been incorrectly implemented where the TEE firmware has a key available that is leaked if you compromise the TEE. It's *supposed* to be burned in hw and not accessible to the firmware, just usable for AES or HMAC.
1
The concept is that the TEE is supposed to run thousands of iterations using a hardware provided crypto primitive like AES / HMAC where the key is burned into hardware. Qualcomm Crypto Engine has this feature but their TEE didn't used to actually use it for this key derivation.
1
1
CDD has absolutely no requirements for the implementation beyond the hardware keystore / TEE being integrated somehow. They could require that there is actual hardware bound key derivation and they could require secure element with Weaver, but there's no quality requirements.
1
Replying to
So what I'm getting is it's not worth getting an Android phone that isn't from Samsung as a flagship or some Pixel device
1
Replying to
It really isn't worth it if you care about security.
Samsung does a lot of good security work but the downside of their devices is they add a massive amount of attack surface with all their fancy features. Samsung is closest to being caught up on security features though.
1
2
At least on Samsung's flagship phones... I have no idea what they have on the low end ones, and the super low end MediaTek ones have awful security compared to the Snapdragon/Exynos ones. No clue how broadly they've deployed stuff like secure elements and Weaver on low end.
1
2
Thank you so much for this deep dive. This was a really fascinating read. I really enjoyed reading the whole thread and I have learned way more than I could ever think of from a twitter thread
1
1
Have you ever considered writing blogs about stuff like this? It was really cool for me to read about obscure low level stuff you wrote
1
1
I do write a lot of documentation for grapheneos.org including some articles. I tend to post very detailed threads on Twitter though, often from the project's account. I don't really want a personal blog though. Twitter is lower profile and less work.
Aww it's a shame you don't have a blog but I have to admit this thread of yours was the most interesting thing I've read anywhere in months not just twitter
1