The chips are also vulnerable: it is possible to extract private keys


In previous posts we reported that Broadcom chips were vulnerable to attack, and now researchers from NCC Group have disclosed the details of a vulnerability (CVE-2018-11976) in Qualcomm chips that allows the contents of private encryption keys to be determined even though they are held in the isolated Qualcomm QSEE (Qualcomm Secure Execution Environment) enclave, which is based on ARM TrustZone technology.

The problem shows up in most Snapdragon SoCs, which are used in Android-based smartphones. Fixes for the problem have already been included in the April Android update and in new firmware releases for Qualcomm chips.

Qualcomm took more than a year to prepare the fix: information about the vulnerability was first sent to Qualcomm on March 19, 2018.

ARM TrustZone technology lets you create hardware-isolated protected environments that are separated from the main system and run on a separate virtual processor using a separate, specialized operating system.

The main purpose of TrustZone is to provide isolated execution for encryption key handlers, biometric authentication, payment data and other confidential information.

Interaction with the main operating system takes place through the dispatch interface.

Private encryption keys are placed in a hardware-isolated keystore which, if implemented correctly, prevents them from leaking when the underlying system is compromised.

About the problem

The vulnerability is related to a flaw in the implementation of the algorithm that processes elliptic curves, which led to a leak of information about the data being processed.

The researchers developed a side-channel attack technique that makes it possible, based on indirect leakage, to recover the contents of private keys held in the hardware-isolated Android Keystore.

The leaks are determined by analyzing the activity of the branch prediction block and the changes in access time to data in memory.

During the experiment, the researchers successfully recovered 224-bit and 256-bit ECDSA keys from the hardware-isolated keystore used in the Nexus 5X smartphone.

Recovering the key required generating about 12 digital signatures, which took more than 14 hours to complete. The Cachegrab tool was used to carry out the attack.

The root cause of the problem is that the caches and hardware components used for computation are shared between TrustZone and the host system: isolation is done at the level of logical separation, but common compute blocks are used, and traces of the computation and information about branch addresses are left in the processor's shared cache.

Using the Prime+Probe method, which is based on estimating the change in access time to cached information, you can check for the presence of certain patterns in the cache and so observe, with sufficiently high precision, the data flows and signs of code execution related to digital signature calculations in TrustZone.

Most of the time spent generating a digital signature with ECDSA keys on Qualcomm chips goes to multiplication operations performed in a loop, using an initialization vector (the "nonce" vector) that is fixed for each signature.

If an attacker can recover at least a few bits of information about this vector, it becomes possible to launch an attack that sequentially recovers the entire private key.

In Qualcomm's case, two points where this information leaks were found in the multiplication algorithm: when performing table lookups, and in the code that conditionally extracts data based on the value of the last bit in the "nonce" vector.

Although Qualcomm's code contains measures to counter information leakage through third-party channels, the attack method that was developed lets you bypass these measures and determine some bits of the "nonce" value, which is enough to recover 256-bit ECDSA keys.
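As an added illustration (not code from Qualcomm, NCC Group or the original article), the two leak patterns named above, a table lookup indexed by secret bits and a conditional selection on a secret bit, are shown next to constant-time forms whose memory accesses and branches do not depend on the secret. The table size, the `fe_t` type and all function names are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define TABLE_ENTRIES 16 /* assumed: 4-bit window of precomputed values */
#define LIMBS 8          /* assumed: 256-bit value as 8 x 32-bit limbs */
typedef struct { uint32_t limb[LIMBS]; } fe_t; /* hypothetical element type */

/* Leaky lookup: the cache line that is read depends on the secret index. */
void lookup_leaky(fe_t *out, const fe_t *table, unsigned secret_idx) {
    *out = table[secret_idx];
}

/* Constant-time lookup: read every entry and keep one through a mask that
 * is all ones when i == secret_idx and zero otherwise, with no branch. */
void lookup_ct(fe_t *out, const fe_t *table, unsigned secret_idx) {
    memset(out, 0, sizeof *out);
    for (uint32_t i = 0; i < TABLE_ENTRIES; i++) {
        uint32_t diff = i ^ (uint32_t)secret_idx;
        uint32_t mask = ((diff | ((uint32_t)0 - diff)) >> 31) - 1u;
        for (size_t j = 0; j < LIMBS; j++)
            out->limb[j] |= table[i].limb[j] & mask;
    }
}

/* Leaky select: branching on a secret bit is visible to branch prediction. */
void select_leaky(fe_t *out, const fe_t *a, const fe_t *b, unsigned secret_bit) {
    if (secret_bit & 1u) *out = *a; else *out = *b;
}

/* Constant-time select: both inputs are read, the bit only shapes a mask. */
void select_ct(fe_t *out, const fe_t *a, const fe_t *b, unsigned secret_bit) {
    uint32_t mask = (uint32_t)0 - (uint32_t)(secret_bit & 1u);
    for (size_t j = 0; j < LIMBS; j++)
        out->limb[j] = (a->limb[j] & mask) | (b->limb[j] & ~mask);
}

/* Self-check on a constructed table: returns 1 when both forms agree. */
int ct_matches_leaky(void) {
    fe_t table[TABLE_ENTRIES], x, y;
    for (uint32_t i = 0; i < TABLE_ENTRIES; i++)
        for (size_t j = 0; j < LIMBS; j++)
            table[i].limb[j] = 0x9E3779B9u * (i + 1u) + (uint32_t)j;
    for (unsigned i = 0; i < TABLE_ENTRIES; i++) {
        lookup_leaky(&x, table, i); lookup_ct(&y, table, i);
        if (memcmp(&x, &y, sizeof x) != 0) return 0;
        select_leaky(&x, &table[0], &table[i], i);
        select_ct(&y, &table[0], &table[i], i);
        if (memcmp(&x, &y, sizeof x) != 0) return 0;
    }
    return 1;
}

int main(void) { return ct_matches_leaky() ? 0 : 1; }
```

An optimizing compiler can turn masked selection back into a branch, so the generated assembly should be inspected for secret-dependent branches and loads before relying on such code.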



  1.   GeekCube said

    April 28 and I am still waiting for the patches, which does not happen on GNU/Linux
