Bafuputsi ba NCC Group bofokoli () ho li-chips tsa Qualcomm, tse u lumellang hore u tsebe tse ka hare ho linotlolo tsa poraefete tse fumanehang sebakeng se ka thoko Qualcomm QSEE (Qualcomm Secure Execution Environment), ho ipapisitsoe le theknoloji ea ARM TrustZone. Bothata bo iponahatsa ka Snapdragon SoC, e seng e atile ho li-smartphones tse thehiloeng sethaleng sa Android. Litokiso tse lokisang bothata li se li ntse li le teng ho ntlafatso ea April Android le lintlafatso tse ncha tsa firmware bakeng sa lichifi tsa Qualcomm. Ho nkile Qualcomm nako e fetang selemo ho lokisa tokiso; tlhahisoleseling mabapi le tlokotsi e ile ea romeloa Qualcomm ka la 19 Hlakubele 2018.
A re hopoleng hore theknoloji ea ARM TrustZone e u lumella ho theha libaka tse sirelelitsoeng tse arohaneng le lisebelisoa tse arohaneng ka botlalo le sistimi e kholo mme li sebetsa ho processor e ikhethileng e sebelisang sistimi e ikhethileng e ikhethileng. Morero oa mantlha oa TrustZone ke ho fana ka ts'ebetso e ikhethileng ea li-processor bakeng sa linotlolo tsa encryption, netefatso ea biometric, data ea tefo le lintlha tse ling tsa lekunutu. Tšebelisano le OS e kholo e etsoa ka mokhoa o sa tobang ka sebopeho sa dispatch. Linotlolo tsa lekunutu li bolokoa ka har'a lebenkele la linotlolo tse ikhethileng tsa Hardware, tseo, ha li sebelisoa hantle, li ka thibelang ho lutla ha tsona haeba sistimi e ka tlase e ka senyeha.
Ho ba kotsing ho bakoa ke phoso ea ts'ebetsong ea algorithm ea elliptic curve processing, e lebisitseng ho lutla ha tlhahisoleseding mabapi le tsoelo-pele ea ts'ebetso ea data. Bafuputsi ba thehile mokhoa oa ho hlasela oa lehlakoreng le leng o lumellang ho sebelisa ho lutla ka tsela e sa tobang ho fumana litaba tsa linotlolo tsa poraefete tse fumanehang ka har'a sesebelisoa se ikhethileng. . Ho lutla ho ikemiselitsoe ho ipapisitse le tlhahlobo ea mosebetsi oa thibelo ea lekala le liphetoho nakong ea phihlello ea data mohopolong. Tekong, bafuputsi ba bonts'itse ka katleho ho hlaphoheloa ha linotlolo tsa 224- le 256-bit ECDSA ho tsoa lebenkeleng la senotlolo le ikhethileng la Hardware le sebelisitsoeng ho smartphone ea Nexus 5X. Ho khutlisa senotlolo se hlokahalang ho hlahisa li-signature tse ka bang likete tse 12 tsa dijithale, tse nkileng lihora tse fetang 14. Lisebelisoa tse sebelisoang ho etsa tlhaselo .
Lebaka le ka sehloohong la bothata ke ho arolelana likarolo tse tloaelehileng tsa hardware le cache bakeng sa lipalo ho TrustZone le tsamaisong e kholo - ho itšehla thajana ho etsoa boemong ba karohano e utloahalang, empa ho sebelisoa lihlopha tse tloaelehileng tsa k'homphieutha le ka mesaletsa ea lipalo le tlhahisoleseding e mabapi le lekala. liaterese tse kenngoa ka har'a cache e tloaelehileng ea processor. U sebelisa mokhoa oa Prime + Probe, o ipapisitseng le ho lekola liphetoho nakong ea phihlello ea tlhaiso-leseling e bolokiloeng, hoa khoneha, ka ho lekola boteng ba lipaterone tse itseng ka har'a cache, ho lekola phallo ea data le matšoao a ts'ebetso ea khoutu e amanang le lipalo tsa li-signature tsa dijithale. TrustZone e nepahetse haholo.
Boholo ba nako ea ho hlahisa tekeno ea dijithale ka ho sebelisa linotlolo tsa ECDSA ho li-chips tsa Qualcomm e sebelisoa ho etsa mesebetsi ea ho atisa ka loop ho sebelisa vector ea ho qala e sa fetoheng bakeng sa ho saena ka 'ngoe.). Haeba mohlaseli a ka hlaphoheloa bonyane likotoana tse 'maloa ka tlhahisoleseling mabapi le vector ena, ho ka khonahala ho etsa tlhaselo ea ho khutlisa senotlolo sa lekunutu ka tatellano.
Tabeng ea Qualcomm, libaka tse peli tseo tlhahisoleseding e joalo e ileng ea lutla ho tsona li ile tsa khetholloa ka algorithm ea ho atisa: ha ho etsoa ts'ebetso ea ho hlahloba litafole le khoutu ea ho khutlisa data e nang le maemo e thehiloeng ho boleng ba karolo ea ho qetela ho "nonce" vector. Leha ho na le taba ea hore khoutu ea Qualcomm e na le mehato ea ho thibela ho lutla ha tlhahisoleseling ka liteishene tsa mokha oa boraro, mokhoa o ntlafalitsoeng oa tlhaselo o u lumella ho feta mehato ena le ho fumana lintlha tse 'maloa tsa boleng ba "nonce", tse lekaneng ho khutlisa linotlolo tsa 256-bit ECDSA.
Source: opennet.ru