Giving Mobile Security the Boot

Recommendations

Info

Boot Chains of Trust Android Boot: SBL • Vendor specific, but usually same operation: – Initialize subsystems (baseband, DSP, GPU, TZ) – Locate Android Boot • Signed with private key( 与私钥 ) of manufacturer – Signature is first link in chain of trust – May contain another public key of manufacturer or same. BootROM SBL ABoot Kernel + initrd (C) 2016 Jonathan Levin & Technologeeks.com - Share freely, but please cite source!
Boot Chains of Trust Android Boot: ABoot • Commonly* based off of open source Little Kernel – May be customized by vendor • Supports FASTboot or other (e.g. ODIN) for flashing • May or may not be unlockable ( 解鎖 ) – If unlocked: • Effaces data (to ensure user data won’t be compromised) • Breaks chain of trust (any kernel can be loaded) • Usually blows a Qfuse to indicate void warranty BootROM SBL ABoot Kernel + initrd * - Samsung, others have custom loaders (C) 2016 Jonathan Levin & Technologeeks.com - Share freely, but please cite source!
Page 1 and 2: Giving Mobile Security the Boot Jon
Page 3 and 4: morpheus@Zepyhr$ whoami ( 一点
Page 5 and 6: Boot Chains of Trust (C) 2016 Jonat
Page 7: Android Boot: The BootROM • Very
Page 11 and 12: Boot Chains of Trust Android Boot:
Page 13 and 14: The iOS Boot Sequence iOS Boot: The
Page 15 and 16: The iOS Boot Sequence iOS Boot: iBo
Page 17 and 18: Validating components: SHSH • Use
Page 19 and 20: Validating components: APTicket •
Page 21 and 22: iOS 10b1: Think different • Mista
Page 23 and 24: TrustZone 技 • Hardware support
Page 25 and 26: Android uses of TrustZone • Crypt
Page 27 and 28: iOS Uses of TrustZone • 32-bit: A
Page 29 and 30: Entering TrustZone (AArch32) • SM
Page 31 and 32: Exception Handling (AArch64) EL0 Ap
Page 33 and 34: AArch64 Exception Handling 0x000 Sy
Page 35 and 36: Case Study: KPP 0x000 Synchronous C
Page 37 and 38: KPP: Kernel Side morpheus@zephyr (~
Page 39 and 40: KPP Weakness (patched in 9.2) • P
Page 41 and 42: iOS 10 changes morpheus@zeyphr(~/..
Page 43 and 44: Android & TrustZone keystore com.an
Page 45 and 46: Android & TrustZone: Samsung root@s
Page 47 and 48: disarm # disarm will automatically
Page 49 and 50: Linux Kernel Support • Generic Tr
Page 51 and 52: References • ARM TrustZone docume

Giving Mobile Security the Boot

Create successful ePaper yourself

Delete template?

Save as template?