signalapp / Signal-Android

A private messenger for Android.
https://signal.org
GNU Affero General Public License v3.0

Feature request: use IRIS scanner to lock and unlock Signal app and backups #7450

Closed WSLUser closed 6 years ago

WSLUser commented 6 years ago

I have:


Bug description

Describe here the issue that you are experiencing.

I would like to request the ability for users to use their IRIS scanner of choice to lock and unlock the app and backups as an alternative to the passphrase. This can be accomplished by using the camera. Samsung has adopted this for unlocking their phones starting with the Galaxy S8.

Related ask: #6031

Device info

Device: Samsung Galaxy S7
Android version: 7.0.0
Signal version: 4.16.9

cegg1 commented 6 years ago

I don't think it's feasible to encrypt backups with biometrics. They wouldn't survive a factory reset or work on a different device.

WSLUser commented 6 years ago

True, but in that case, you could use the original passphrase you created. Another option would be to:

1.) Reinstall Signal.
2.) Re-establish biometric data from IRIS (or other alternative if another is ever implemented, such as fingerprints).
3.) Start importing the Signal backup.
4.) Receive authentication request; normally requesting a passphrase, it asks for your biometric data instead.
5.) Signal checks the biometric data stored for backup and validates against biometric data set up in the Signal app (you already re-did the steps to use biometrics).
6.) Restore process occurs (assuming the validation was successful).
7.) User validates all data is available and is readable.

cegg1 commented 6 years ago

Biometric data should not be accessible from userland, not even accessible by the kernel. It is supposed to be stored in the TEE, thus it is not accessible by any app. Signal cannot retrieve it to compare it. And if you do a factory reset, it's gone forever.

Please see https://support.google.com/nexus/answer/6300638
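Added illustration, not part of the thread and not Signal's code: a Python model of the point made in cegg1's two comments above, that a biometric match only gates a device-bound key, so a backup sealed with it is lost after a factory reset, while a passphrase-derived key can be rebuilt on any device. The `Device` class, the HMAC-based toy cipher and all sample values are assumptions made for this example.

```python
import hashlib, hmac, os

def passphrase_key(passphrase: str, salt: bytes) -> bytes:
    # Deterministic: the same passphrase and salt give the same key on any device.
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key: bytes, data: bytes) -> bytes:
    # Toy encrypt-then-MAC from HMAC-SHA256 (stdlib only); stands in for a real AEAD.
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or corrupted backup")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

class Device:
    """Hypothetical model of a phone whose secure hardware holds key and template."""
    def __init__(self):
        self._hw_key = os.urandom(32)   # created in hardware, never exported
        self._template = None           # enrolled biometric, never readable by apps

    def enroll(self, scan: bytes) -> None:
        self._template = scan

    def factory_reset(self) -> None:
        self._hw_key, self._template = os.urandom(32), None

    def _gate(self, scan: bytes) -> bytes:
        # A match only authorises use of the key; the scan is not key material.
        # Exact comparison stands in for the fuzzy matching real sensors do.
        if self._template is None or not hmac.compare_digest(scan, self._template):
            raise PermissionError("biometric not recognised")
        return self._hw_key

    def seal(self, scan: bytes, data: bytes) -> bytes:
        return seal(self._gate(scan), data)

    def unseal(self, scan: bytes, blob: bytes) -> bytes:
        return unseal(self._gate(scan), blob)
```

Re-enrolling the same iris after `factory_reset()` passes the gate again, but `unseal` still raises `ValueError` because the hardware key that sealed the backup no longer exists.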

WSLUser commented 6 years ago

The TEE is within the kernel and is covered by an SELinux policy. Someone clever enough could hack that and gain access. I'm sure somebody has done it but does anyone here have knowledge to get at it? That I don't know.

RiseT commented 6 years ago

@moxie0 Are you sure this is the issue you intended to mark as "fixed" above...?

automated-signal commented 6 years ago

GitHub Issue Cleanup: See #7598 for more information.