Breaking Samsung’s Root of Trust: Exploiting Samsung S10 Secure Boot

Дата: 26.02.2021. Автор: CISO CLUB. Категории: Подкасты и видео по информационной безопасности

Being the highest market share smartphone manufacturer, Samsung conducts a series of protection on Android called Knox Platform to ensure the security of its smartphones. During the booting process, Samsung uses S-boot (Secure Boot) to make sure it can only boot a stocked image. If the device tries to boot a custom image, it will trip a one-time programmable bit e-fuse (a.k.a Knox bit). Once a trustzone app (trustlet) detects the Knox bit tripped, it will delete the encryption key for the sensitive data to prevent unauthorized data access to the locked phone. In this presentation, we’ll present several vulnerabilities we found in S-Boot that are related to USB request handling.

By Cheng-Yu Chao, Hung Chi Su and Che-Yang Wu

Full Abstract & Presentation Materials: https://www.blackhat.com/us-20/briefings/schedule/#breaking-samsungs-root-of-trust-exploiting-samsung-s-secure-boot-20290

CISO CLUB

Об авторе CISO CLUB

Редакция портала cisoclub.ru. Добавляйте ваш материал на сайт в разделе "Разместить публикацию".
Читать все записи автора CISO CLUB

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *