19
A mysterious bug in the firmware of Google's Titan M chip (CVE-2019-9465...
source link: https://alexbakker.me/post/mysterious-google-titan-m-bug-cve-2019-9465.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Starting with the release of the Pixel 3, all of Google's Pixel Android smartphones come with the Titan M security chip on board. When I realized the Pixel 3a XL I purchased also had it, I decided to try to take advantage of it in an app I work on. It turned out that using the Titan M chip through the Android Keystore API for AES-GCM in a specific way lead to predictable and bogus ciphertext. This is the story of how I stumbled upon that bug, and why it's a bit mysterious.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK