Your Smartphone Has a Special Security Chip. Here’s How It Works
Google’s new Pixel 3 phones have a “Titan M” security chip. Apple has something similar with its “Secure Enclave” on iPhones. Samsung’s Galaxy phones and other Android phones often use ARM’s TrustZone technology. Here’s how they help protect your phone.
The Basics
These chips are basically separate little computers inside your phone. They have different processors and memory, and they run their own tiny operating systems.
Your phone’s regular operating system and the applications running on it can’t see inside the secure area. This protects the secure area from tampering and lets the secure area do a variety of useful things.
It’s a Separate Processor
All these chips work in slightly different ways. In Google’s new Pixel phones, Titan M is an actual physical chip that’s separate from the phone’s normal CPU.
With Apple’s Secure Enclave and ARM’s TrustZone, the Secure Enclave or TrustZone is not technically a different “chip.” Instead, it’s a separate, isolated processor built into the device’s main system-on-a-chip. While it’s built-in, it still has a separate processor and area of memory. Think of it as a chip inside the main chip.
Either way—whether it’s Titan M, Secure Enclave, or TrustZone—the chip is a separate “coprocessor.” It has its own special area of memory and runs its own operating system. It’s completely isolated from everything else.
In other words, even if your entire Android or iOS operating system was compromised by malware and that malware had access to everything, it wouldn’t be able to access the contents of the secure area.
How It Protects Your Phone
The data on your phone is stored encrypted on disk. The key that unlocks the data is stored in the secure area. When you unlock your phone with your PIN, password, Face ID, or Touch ID, the processor inside the secure area authenticates you and uses your key to decrypt your data in memory.
This encryption key never leaves the security chip’s secure area. If an attacker is attempting to sign in by guessing multiple PINs or passwords, the secure chip can slow them down and enforce a delay between attempts. Even if that person had compromised your device’s main operating system, the secure chip would limit their attempts to access your security keys.
On an iPhone or iPad, the Secure Enclave stores encryption keys that protect your face (for Face ID) or fingerprint (for Touch ID) information. Even someone who stole your phone and somehow compromised the main iOS operating system wouldn’t be able to view information about your fingerprint.
Google’s Titan M chip can also protect sensitive transactions in Android apps. Apps can use Android 9’s new “StrongBox KeyStore API” to generate and store their own private keys in Titan M. Google Pay will be testing this out soon. It could also be used for other types of sensitive transactions, from voting to sending money.
iPhones work similarly. Apple Pay uses the Secure Enclave, so the details of your payment card are stored and transmitted securely. Apple also lets apps on your phone store their keysin the Secure Enclave for additional security. The Secure Enclave ensures its own software is signed by Apple before booting, so it can’t be replaced with modified software.
ARM’s TrustZone works very similarly to the Secure Enclave. It uses a secure area of the main processor to run critical software. Security keys can be stored here. Samsung’s KNOXsecurity software runs in the ARM TrustZone area, so it’s isolated from the rest of the system. Samsung Pay also uses ARM TrustZone to handle payment card information securely.
On a new Pixel phone, the Titan M chip also secures the bootloader. When you start your phone, Titan M ensures you’re running the “last known safe Android version.” Anyone with access to your phone can’t downgrade you to an older version of Android with known security holes. And the firmware on Titan M can’t be updated unless you enter your passcode, so an attacker couldn’t even create a malicious replacement for Titan M’s firmware.
Why Your Phone Needs a Secure Processor
Without a secure processor and isolated memory area, your device is much more open to attack. The secure chip isolates critical data like encryption keys and payment information. Even if your device is compromised, malware couldn’t access this information.
The secure area also throttles access to your device. Even if someone has your device and replaces its operating system with a compromised one, the secure chip won’t let them guess a million PINs or passcodes a second. It will slow them down and lock them out of your device.
When you’re using a mobile wallet like Apple Pay, Samsung Pay, or Google Pay, your payment details can be stored securely to ensure that no malicious software running on your device can access them.
Google is also doing some interesting new things with the Titan M chip, such as authenticating your bootloader and ensuring no attacker can downgrade your operating system or replace your Titan M firmware.
Even a Spectre-style attack that lets an application read memory that doesn’t belong to it wouldn’t be able to crack these chips, as the chips use memory that’s completely separate from the main system memory.
It Protects Your Phone in the Background
No smartphone user really needs to know about this hardware, although it should make you feel more secure when keeping sensitive data like credit cards and online-banking details on your phone.
This is just cool technology that works silently to protect your phone and data, keeping you more secure. A lot of smart people are putting a lot of work into securing modern smartphones and protecting them against all kinds of possible attacks. And lots of work goes into making that security so effortless that you’ll never even have to think about it, too.
No comments:
Post a Comment