Secure File System -Final Meeting
Industrial Project (234313)
Prof. Michael Elad
StudentsNoam HershtigYuri Bronshtein
04.02.13
SupervisorsBoris Dolgunov
Constantine Elster
Agenda
Goals Problem Description High Level solution
Demo Methodology
Technical Team Work Protocol
Conclusions
Motivation
Motivation (cont.)
Defcon 20 (July 2012): “Into The Droid” by Thomas Cannon Shows how easy is to crack the Android Encryption
“Into The Droid” DEFCON20 Slides from:https://viaforensics.com/mobile-security/droid-gaining-access-android-user-data.html
Goal: Prevent Brute Forcing Encryption Key Solution: 2 Stage Authentication Store Key in TrustZone™ (KeyDB) KeyDB Throttles key retrieval attempts Key management is transparent to user & applications.
Solution ComponentsOS kernel TrustZone
dm-crypt-skm
KeyDBKey
Manager
SFS Kernel Modules
(skm, skm-udp)
User mode
Screen lock application
SFS configuratio
n application
dm-crypt Unmodified
Optional Changes
Original
Demo
Our Process Study Android & Linux Encryption mechanisms:
Device-mapper, dm-crypt LUKS (key management alternative)
Create “proof of concept” encryption key manager Create modular design Define protocol Implement Separate components:
Divide labor by platform: Android Apps / Linux Kernel Use TDD principles:
Unit Tests before code (where applicable) Use “simulation” (python test scripts) to test interfaces in early stages.
Integration Verify separate modules work as expected together
Key Management
Runs in TrustZone
Login Attempt Throttling: Different Locking Schemes available
Long Term Locking “Burst Mode”
User Management: Multiple PIN/Key pairs
Useful for Tablets Administrative Rights Recovery Options
Kernel Modules
Implemented as part of the device-mapper framework <kernel>/drivers/md
dm-crypt-skm: device-mapper target. Wraps dm-crypt, the original crypto device service.
skm (secure key management) Implements the protocol generically. Uses “pluggable” modules for communication with KeyDB in TrustZone. Managed from usermode via ioctls. Creates “/dev/skm” device.
skm-udp Uses netpoll API to communicate with KeyDB via UDP packets.
TrustZone (KeyDB)skm-udp
skm/dev/skm
User: Settings
dm-crypt
dm-crypt-skm
dm (dmsetup)
User: Lock Screen
Development Platform and Languages Android TrustZone Simulator
Java + Android SDK (Eclipse) Testing: jUnit for Android, python for network simulation
Linux kernel modules (dm-crypt-skm, skm, skm-udp) ANSI C
Run on GNU/Debian as vmware guest Tested on 2.6.32 kernel, compatible with 3.3 kernel API.
Testing: python for network simulation Configuration Application
ANSI C Lock Screen Demo
Python and wxPython Source Control
git (assembla private repository)
Kernel TrustZone Protocol
Key Retrieval getKey getStatus
loadKey unloadKey
Misc. getVersion (For backward
compatibility)
User Management addID removeID changePIN setParams getParams unlockID
HW Support
Challenges
Minimal Architectural Changes An early goal was to minimize changes to Android OS & Apps. After studying the linux crypto services,
dm-crypt was chosen as the best subsystem to modify
Kernel Usermode Communications Unorthodox model (simulate ‘CPU mode’ as usermode process) Usually communication is initiated from usermode Options which were considered:
polling (easy to implement, breaks design for actual ARM chips) sysfs/proc (not secure enough) sockets (incompatible with dm) netpoll (modern API in kernel, used primarily for low level debugging)
Conclusions
Design Good design simplifies code stage Allows modularization
Modularization Very important for team based coding Allows easy testing & relatively smooth
integration Helps minimizing changes in porting to
another platform
Minimizing Kernel Code Debugging kernel code is non-trivial and
time consuming Linux APIs are changing all the time:
No current documentation available Version dependent code
Automatic testing is nearly impossible
Early Testing (Test Driven Development) Quick development Easy regression testing
Thank You!