  • This session was presented on January 17, 2025 (11:00 - 12:00).

Description

  • Speaker

    Maïwenn Racouchot - CISPA

As phones are used for more and more sensitive operations (such as bank transfers), there is a great need to design and deploy protocols that can ensure the security of such transactions, even when the phone has been compromised. To accomplish that, Android, in collaboration with Google, has worked on a protocol called Android Protected Confirmation. The idea behind this protocol is to give any application a way to leverage the security of the phone's Trusted Execution Environment (TEE) to sign operations without needing the application code to be directly included in the TEE. This allows wider usability, as the code of the application does not need to be verified to use the protocol. The protocol's main claim is the following: in order for a message to be signed, it must first have been seen and accepted by the user, even in the presence of an adversary with root privileges. This gives better guarantees to the server (for example the bank) that the requested transaction is indeed demanded by the user.

Our analysis of this protocol allowed us to find two attacks. The first happens at the registration phase and allows an attacker to register credentials under the victim’s identity. The second, at the transaction phase, allows a corrupted rich, non-secure operating system to send signed messages to an unintended server. We also implemented a variation of the second attack on a Google Pixel 6. Then, using the Universal Composability framework, we proposed an ideal functionality for Protected Confirmation and we proved fixes for both attacks.

Next sessions

  • Black-Box Collision Attacks on Widely Deployed Perceptual Hash Functions and Their Consequences

    • June 13, 2025 (11:00 - 12:00)

    • Inria Center of the University of Rennes - Aurigny room

    Speaker: Diane Leblanc-Albarel - KU Leuven

    Perceptual hash functions identify multimedia content by mapping similar inputs to similar outputs. They are widely used for detecting copyright violations and illegal content but lack transparency, as their design details are typically kept secret. Governments are considering extending the application of these functions to Client-Side Scanning (CSS) for end-to-end encrypted services: multimedia[…]
    • Cryptography

    • SoSysec

    • Protocols

  • A non-comparison oblivious sort and its application to private k-NN

    • June 20, 2025 (11:00 - 12:00)

    • Inria Center of the University of Rennes - Petri/Turing room

    Speaker: Sofiane Azogagh - UQÀM

    Sorting is a fundamental subroutine of many algorithms and as such has been studied for decades. A well-known result is the Lower Bound Theorem, which states that no comparison-based sorting algorithm can do better than O(n log(n)) in the worst case. However, in the fifties, new sorting algorithms that do not rely on comparisons were introduced, such as counting sort, which can run in linear time[…]
    • Cryptography

    • SoSysec

    • Privacy

    • Databases

    • Secure storage