openwallet-foundation / bifold-wallet

Aries Mobile Agent React Native - Part of the Aries Bifold effort to provide SSI capabilities in a production ready app.
Apache License 2.0
148 stars 146 forks source link

How Bifold wallet maintain the security of cryptographic keys? #1226

Open Arif-Shahriar028 opened 2 months ago

Arif-Shahriar028 commented 2 months ago

I have a few questions regarding the cryptographic key security in the Bifold wallet:

  1. How does the Bifold wallet maintain the security of cryptographic keys?
  2. Is it possible to retrieve cryptographic keys and credentials from a rooted Android phone by accessing root files? If so, what are the potential risks and mitigations?
  3. Can we utilize hardware-specific security measures, such as a Hardware Security Module (HSM), to enhance the security of cryptographic keys in the Bifold wallet?

I appreciate any insights or recommendations on these topics. Thank you.

cvarjao commented 2 months ago

@Arif-Shahriar028, this might help: https://github.com/openwallet-foundation/bifold-wallet/discussions/374

1) We use an encrypted database (via Askar). The actual encryption key is securely kept/managed as encrypted records using the wallet key 2) I would think that almost anything is possible from rooted device. I recommend using App Attestation to check if the app is running on rooted devices 3) It depends of the crypto being used. Some protocols might be possible, but we do not have HSM support in place yet :(

pmccabensds commented 2 months ago

Hi @cvarjao

I was also curious about this.

Can you confirm what you mean by "wallet key". Is this something that is stored on device, or is it somehow tied to a user entered PIN ?

As I understand, both Android and IOS support some type of Secure OS or something of that nature to store sensitive information that would be much more difficult to retrieve even on a rooted device. https://support.apple.com/en-ca/guide/security/sec59b0b31ff/web https://www.trustonic.com/technical-articles/what-is-a-trusted-execution-environment-tee/

In theory the wallet key could be stored there so it is better protected.. Does that sound correct ?

Thanks

cvarjao commented 2 months ago

The wallet key is derived from a generated salt + user PIN.

at the moment , we are using react-native-keychain to provide the keychain abstraction between iOS/Android, but it does leverage platform/OS specific secure Keychain/Keystore

pmccabensds commented 2 months ago

The wallet key is derived from a generated salt + user PIN.

* The generated salt is always [stored in a secure keyckain](https://github.com/openwallet-foundation/bifold-wallet/blob/ea2300f5186539d23cc401b90b92cb859f24a9e6/packages/legacy/core/App/services/keychain.ts#L69)

* If the user has biometric authentication enabled, the wallet key is stored in a [secured keychain with biometrics protection](https://github.com/openwallet-foundation/bifold-wallet/blob/main/packages/legacy/core/App/services/keychain.ts#L61)

* if the user has biometric authentication disabled, then the wallet key is [re-created](https://github.com/openwallet-foundation/bifold-wallet/blob/ea2300f5186539d23cc401b90b92cb859f24a9e6/packages/legacy/core/App/services/keychain.ts#L61) by retrieving the salt and combining with the user's PIN

at the moment , we are using react-native-keychain to provide the keychain abstraction between iOS/Android, but it does leverage platform/OS specific secure Keychain/Keystore

This is perfect, thanks so much

Arif-Shahriar028 commented 2 months ago

@cvarjao thanks for your response! I have a few more queries regarding your response.

I have rooted my android phone and installed bifold, then issued some credentials. As the phone is rooted, I can explore its root files.

root This is the root folder of the application.

sqlite-db I found this sqlite database in the root folder. I also checked it by db browser, but no readable data could retrived. Everything is encrypted.

shared_prefs These are the files of shared_pref folder. Inside that folder there is an rn_keychain.xml file where salt value can be found. But I am not sure are they encrypted or not.

keychain This is the rn_kechain.xml file.

Now my question is:

  1. Can we somehow decrypt the sqlite database using these information found in root folder?
  2. Can somebody retrieve credentials from these root files? Or, is it possible to retrieve wallet-key from keystore somehow using these root files?

Thanks for your time!

cvarjao commented 2 months ago
  1. Yes, if you have the wallet key you can decrypt the values.
  2. With the salt + user's PIN, you can generate the wallet key

I am wondering if we can make some changes to not have it stored in that file.

We are using Keychain.SECURITY_LEVEL.ANY. There are a lot inconsistence in the way that vendors support hardware encryption (Keychain.SECURITY_LEVEL.SECURE_HARDWARE). I also noticed we are a couple of versions behind, that things have changed in that react-native-keychain library.

Any help in this space would be very much appreciated.

tbloomfi commented 2 months ago

Ideally the salt should be in the keystore backed by the secure area (SE/TEE). This requires a biometric or device PIN/passcode to enable the encryption. There is an option in the core wallet to turn on a feature that requires biometrics (PIN and Biometrics). This has better security at the cost of usability, as not everyone can or wants to use biometric authentication.

Unfortunately, even if the salt is part of the encrypted key store (backed by the secure area), it will still be accessible (with some effort) if you can access the device directly - e.g., you can shim the crypto libraries and extract the salt or the key directly.

To truly secure the key as a hardware cryptographic device (as per NIST) you need to create the keys in the secure area. This is only supported for EcDSA keys. There is a plugin in development for Askar that will support hardware backed keys.

The solution required depends on the level of assurance that you need for your use case.