Knox White Paper
Device Health Attestation
Mobile apps can be compromised if unauthorized actors are able to run them on untrustworthy hardware or firmware. This can happen in either of two ways:
- a malicious user deliberately accesses a device they're not authorized to use, for example, while the user is away
- a bad actor manipulates the device, or its firmware, in transit
Such an actor can easily gain full control over the device firmware, files, UI, and apps. Unfortunately, malicious actors can exploit these scenarios to:
- steal passwords
- hijack identities
- access secret information
- install apps
Enterprises with Bring Your Own Device programs are especially at risk, as employees may potentially use compromised Android devices in the workplace. Risks range from:
- the undetected exposure of confidential enterprise assets
- wider, more insidious attacks on other enterprise resources and infrastructure
Enterprises must have a fail-safe way to detect if a device or its firmware is compromised, before allowing device users to deploy it in the workplace.
Reliable detection of compromised devices
Malware can potentially intercept and forge the results of a device health check, making a compromised device seem secure. The Knox platform leverages its hardware-backed trusted environment to reliably detect and report compromised devices.
Because a Samsung Attestation Key (SAK) is unique to each device, it can tie data to a device through cryptographic signatures. The SAK signs the Attestation data to prove that it originated from the TrustZone Secure World on a Samsung Knox device.
Knox Attestation works in tandem with Trusted Boot to ensure the integrity of devices during deployment, bootup, and operation.
How Knox Attestation works
- A device check is initiated by either:
  - an enterprise IT admin using an EMM console
  - a regularly scheduled check
- The web server that initiated the check:
  - requests a nonce from the Samsung Attestation server. A nonce is a random number used in cryptographic communication to time-bound and identify each attestation result.
  - instructs the device to begin a check, passing the nonce as a check identifier.
- The Keymaster Trusted Application (TA) in Secure World gathers this data:
  - the requesting app’s package name, version code, and developer key
  - signed info about the device’s current state and expected environment
  - hardware fuse readings indicating if untrusted firmware was ever loaded onto the device
- The TA compiles this information into an Attestation Result and signs it with a key that can be verified using the Samsung Root Certificate.
- The Samsung Attestation Server validates the Attestation Result's signature to ensure that it was generated on Samsung hardware and by Samsung’s TA.
- The Samsung Attestation Server analyzes the Attestation Result to determine if the returned nonce matches the one sent out and whether the data within it can be trusted.
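As an added illustration (not Samsung's code and not the Knox API), the following Go program models the exchange in the steps above end to end: a root key standing in for the Samsung Root Certificate certifies a per-device key standing in for the SAK; the server issues a nonce; the simulated TA signs an Attestation Result carrying that nonce, the app's package name, a device ID, the fuse reading and the boot state; and the server verifies the key chain, the signature and the nonce, and refuses a replayed result. The JSON layout, the function names, and the sample package name and IMEI are all constructed for this example.

```go
package main

// Added illustration of the Knox Attestation flow described above; not Samsung's code or API.
// Hypothetical simplifications: an ECDSA root key stands in for the Samsung Root Certificate,
// a per-device ECDSA key for the SAK, and the "certificate" is the root's signature over the key.

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/json"
	"errors"
	"fmt"
)

// AttestationResult models what the Keymaster TA gathers before signing.
type AttestationResult struct {
	Nonce     []byte `json:"nonce"`      // check identifier issued by the server
	Package   string `json:"package"`    // requesting app's package name
	DeviceID  string `json:"device_id"`  // e.g. an IMEI, so the verdict maps to one device
	FuseBlown bool   `json:"fuse_blown"` // hardware fuse: untrusted firmware was once loaded
	BootOK    bool   `json:"boot_ok"`    // Trusted Boot verdict for the current state
}

// SignedResult is what the device returns: result, device signature, device public key, root signature on it.
type SignedResult struct{ Result, Sig, PubDER, CertSig []byte }

// Device holds the per-device key (stand-in for the SAK) and its "certificate".
type Device struct{ key *ecdsa.PrivateKey; pubDER, certSig []byte }

// Server models the Samsung Attestation Server; a nonce is forgotten once checked, which blocks replay.
type Server struct{ root *ecdsa.PublicKey; issued map[string]bool }

// h hashes data for signing; NewRoot stands in for the Samsung root signing key.
func h(b []byte) []byte { s := sha256.Sum256(b); return s[:] }
func NewRoot() (*ecdsa.PrivateKey, error) { return ecdsa.GenerateKey(elliptic.P256(), rand.Reader) }

// ProvisionDevice creates a device key and has the root certify it (factory provisioning, simplified).
func ProvisionDevice(root *ecdsa.PrivateKey) (*Device, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	pubDER, _ := x509.MarshalPKIXPublicKey(&key.PublicKey) // cannot fail for a P-256 key
	certSig, err := ecdsa.SignASN1(rand.Reader, root, h(pubDER))
	return &Device{key: key, pubDER: pubDER, certSig: certSig}, err
}

// Attest models the TA compiling the Attestation Result and signing it.
func (d *Device) Attest(r AttestationResult) (*SignedResult, error) {
	body, _ := json.Marshal(r) // a struct of scalars and byte slices always marshals
	sig, err := ecdsa.SignASN1(rand.Reader, d.key, h(body))
	return &SignedResult{Result: body, Sig: sig, PubDER: d.pubDER, CertSig: d.certSig}, err
}

// IssueNonce returns a fresh random nonce and records it as outstanding.
func (s *Server) IssueNonce() ([]byte, error) {
	n := make([]byte, 32)
	if _, err := rand.Read(n); err != nil {
		return nil, err
	}
	s.issued[string(n)] = true
	return n, nil
}

// Verify checks the key chain, the result signature, the nonce (issued here, not yet used) and the
// reported state; the parsed result is returned even on a bad state so the caller keeps the device ID.
func (s *Server) Verify(sr *SignedResult) (AttestationResult, error) {
	var r AttestationResult
	if !ecdsa.VerifyASN1(s.root, h(sr.PubDER), sr.CertSig) {
		return r, errors.New("device key is not certified by the root")
	}
	pubAny, _ := x509.ParsePKIXPublicKey(sr.PubDER)
	pub, ok := pubAny.(*ecdsa.PublicKey)
	if !ok || !ecdsa.VerifyASN1(pub, h(sr.Result), sr.Sig) {
		return r, errors.New("attestation result signature is invalid")
	}
	if err := json.Unmarshal(sr.Result, &r); err != nil {
		return r, err
	}
	if !s.issued[string(r.Nonce)] {
		return AttestationResult{}, errors.New("nonce not issued by this server or already used")
	}
	delete(s.issued, string(r.Nonce))
	if r.FuseBlown || !r.BootOK {
		return r, errors.New("device reports untrusted firmware or a modified boot state")
	}
	return r, nil
}

func main() {
	root, _ := NewRoot()
	dev, _ := ProvisionDevice(root)
	srv := &Server{root: &root.PublicKey, issued: map[string]bool{}}
	nonce, _ := srv.IssueNonce()
	sr, _ := dev.Attest(AttestationResult{Nonce: nonce, Package: "com.example.emm", DeviceID: "IMEI-CONSTRUCTED-000", BootOK: true})
	fmt.Println(srv.Verify(sr)) // nil error; a second Verify(sr) fails because the nonce is already consumed
}
```

The checks in Verify mirror the last two steps above: the chain check is what proves the result came from certified hardware, the map of outstanding nonces is what makes each result single-use, and returning the parsed result alongside the error is what lets the caller tie a negative verdict to a device identifier. A real deployment consumes Samsung's X.509 chain and result format rather than this JSON stand-in.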
The original requestor of the device check can then act quickly, for example:
- Report the verdict to the device user.
- Immediately prevent the device from accessing enterprise systems.
- Uninstall any enterprise apps or assets already on the device.
Highly secure or firewalled operations that don't want to access the web-based Samsung Attestation server can install an Attestation Validator tool onto a local server to parse the Attestation Result and keep device verdicts within the firewall.
Unique advantages of Knox Attestation
Knox Attestation provides these key differentiators:
- Health measurements guaranteed per request through a nonce, a unique number randomly generated by the Samsung Attestation Server.
- Health results that easily map to device identifiers like an IMEI. Unlike other solutions on the market, Knox Attestation enables IT admins to determine which attestation result correlates with which device, without having to painstakingly map IDs manually. With competitor solutions, results are returned for separate devices, but IT admins can't differentiate between devices, and consequently the results are not actionable. Knox Attestation returns a single device ID and enables IT admins to prevent or contain issues promptly.