Security analysis of Samsung Knox

摘要

A Trusted Execution Environment (TEE) has become popular in the mobile industry. Hardware-based security will be employed by default for every mobile device within a few years. In this paper, we explore several potential security issues of the Samsung Knox platform that is one of the advanced hardware based mobile security platforms for Android devices. We describe several attack scenarios to show how the Knox platform can be compromised. We particularly performed experiments for Man in the Middle Attacks with an untrusted certificate. To mitigate such security risks, we also recommend several countermeasures based on fundamental security principles. For example, security-sensitive resources in Knox should be strictly isolated from processes in an insecure operating system.