[PConline information] nowadays, lean ' a mobile phone takes the world ' already not was the dream that Yao cannot reach, the mobile phone pays, order opportunity alcoholic drink, gregarious, communication, recreation to wait a moment, complete be nothing difficult. The function that can come true is much, the security of adversary machine also asks taller.
But be in recently, british security line of business person the bypass flaw that NCC Group announced a conceal to connect chip high in nearly 40, the confidential information that can store inside filch chip, affect the Android device that uses relevant chip, open the safe hole that already was informed last year at this was being repaired to be in at the beginning of this month high.
As we have learned, this flaw number is CVE-2018-11976, involve connect chip safety high to carry out an environment (QSEE) order of lot of elliptical curve number is algorithmic (ECDSA) , its will allow hacker speculation to go out deposit in QSEE, add 224 close Jin Yao with 256 with ECDSA.
The QSEE that says here, come from the TrustZone design of ARM, it is the safe core of systematic odd chip, it built the safe area of a segregation to offer reliable software and confidential data to use, and other software can be carried out inside general area only, QSEE is the safe executive environment that Gaotonggen makes according to TrustZone place namely.
To this, the senior and safe advisory Keegan Ryan of NCC Group expresses: "Carry out environmental design like the safety such as TrustZone or QSEE, be mixed by a lot of operation unit embedded a large number of adoption of device, what calculate region of place of safety and general area to use is different hardware resource, software or data, but they still are based on same small framework to go up, then they made a few tools come the data of monitoring QSEE flows with the program, find out connect high guide the safe flaw of ECDSA, successfully from connect what 256 restore on chip high to add close illicit key. Successfully from connect what 256 restore on chip high to add close illicit key..
"Most ECDSA lot order is the multiplication that handling random numerical value answer a circle, if the hacker can restore a few of this random numerical value, can use existing technology to restore whole illicit key, they discover two extent but outside discharge this information of random numerical value, although these two area contain the mechanism that antagonism bypass atttacks, the part that they bypassed these are restricted and found out this numerical value however, and the 256 illicit key that restored the place on Nexus 5X mobile phone successfully to deposit. And the 256 illicit key that restored the place on Nexus 5X mobile phone successfully to deposit..
Actually, NCC Group is in early discovered this flaw last year, accused cicada to be connected high in March at of the same age, connect a respect high to arrive to just was repaired formally this year in April all the time. Show according to connecting the safe announcement of a paste high, CVE-2018-11976 belongs to what ECDSA signs chapter code to add close problem, the discharge outside will letting deposit the illicit key in region of place of safety comes general area, be connected high to label major flaw, and affected more than 40 to connect chip high, or involve amount to mobile phone of billions of Android and hardware equipment.