Auditor attestation.app
- The app complies with the inclusion criteria
- The app is not already listed in the repo or issue tracker.
- The original app author has been notified (and supports the inclusion). See https://github.com/GrapheneOS/Auditor/issues/61#issuecomment-524001955
- Donated to support the maintenance of this app in F-Droid.
mostly copied from website
Can provide and should have reproducible builds.
Link to the source code:
https://github.com/GrapheneOS/Auditor
License used:
MIT license
Category:
Security
Summary:
Hardware-based attestation / intrusion detection app for Android devices. It provides both local verification with another Android device via QR codes and optional scheduled server-based verification with support for alert emails. It uses hardware-backed keys and attestation support as the foundation and chains trust to the app for software checks.
Description:
The Auditor app uses hardware-based security features to validate the identity of a device along with authenticity and integrity of the operating system. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. A downgrade to a previous version will also be detected. It builds upon the hardware-based verification of the operating system by chaining verification to the app to perform software-based sanity checks and gather additional information about device state and configuration beyond what the hardware can attest to directly.
The foundation of the Auditor app is generating a persistent key in the hardware-backed keystore for verifying the identity of the device and providing assurance that the operating system hasn't been tampered with or downgraded via verified boot. It performs a pairing process between the device performing verification (Auditor) and the device being verified (Auditee) to implement a Trust On First Use (TOFU) model. The device performing verification can either be another Android device running the app in the Auditor mode or the https://attestation.app/ service for automated verification on a regular schedule with support for email alerts. See the tutorial for usage instructions. The protocol used for both local and remote attestation is documented in the source code.
Verified boot validates the integrity and authenticity of firmware and the entire operating system (both the kernel and userspace) from an immutable hardware root of trust. The results are passed along to the hardware-backed keystore and used to protect the keys.
The key attestation feature provided by the hardware-backed keystore provides direct support for attesting to device properties and bootstrapping the Trust On First Use model of the Auditor app with a basic initial verification chained up to a known root certificate. The latest version of key attestation provides a signed result with the verified boot state, verified boot key, a hash of all data protected by verified boot and the version of the operating system partitions among other properties. It also has support for chaining trust to the application performing the attestation checks, which is used by the Auditor app for bootstrapping checks at the software layer.
Devices shipping with Android 9 or later may ship a StrongBox Keymaster implementation, allowing the Auditor app to keep the keys used by the attestation protocol in the dedicated Hardware Security Module (HSM) (such as the Titan M in Pixel phones) rather than using the Trusted Execution Environment (TEE) on the main processor. This can provide substantial attack surface reduction.
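The TOFU pairing and the key attestation properties described above (verified boot state, verified boot key, verified boot hash, OS version and patch level, security level, downgrade detection), as an added example in Python. This is not code from the Auditor project; it follows the KeyDescription / AuthorizationList / RootOfTrust layout of Android's key attestation extension (OID 1.3.6.1.4.1.11129.2.1.17, tags 704-706, attestation version 3 or later), but the function names, the sample device values and the simplified check list are assumptions of this example. It skips what a real verifier must also do: validate the certificate chain up to the known attestation root, check the attestation application ID, and run the software-layer checks.

```python
"""Added example, not Auditor's code: decode the Android key attestation extension
(OID 1.3.6.1.4.1.11129.2.1.17) following the KeyDescription / AuthorizationList / RootOfTrust
schema from Android's key attestation docs, then apply simplified Auditor-style checks."""
TAG_ROOT_OF_TRUST, TAG_OS_VERSION, TAG_OS_PATCH_LEVEL = 704, 705, 706
SOFTWARE, TEE, STRONGBOX = 0, 1, 2                      # SecurityLevel
VERIFIED, SELF_SIGNED, UNVERIFIED, FAILED = 0, 1, 2, 3  # VerifiedBootState

# --- minimal DER encoder, used only to build the constructed sample (kept under 256 bytes) ---
def _length(n): return bytes([n]) if n < 0x80 else bytes([0x81, n])
def tlv(tag, body): return tag + _length(len(body)) + body
def der_int(v): return tlv(b"\x02", v.to_bytes((v.bit_length() + 8) // 8, "big", signed=True))
def der_seq(*items): return tlv(b"\x30", b"".join(items))
def der_octets(b): return tlv(b"\x04", b)
def der_enum(v): return tlv(b"\x0a", bytes([v]))
def ctx_tag(n):  # constructed context-specific tag [n], high-tag-number form (128 <= n < 16384)
    return bytes([0xBF, 0x80 | (n >> 7), n & 0x7F])

def build_extension(challenge, boot_key, boot_hash, locked, state, os_version, patch, level=STRONGBOX):
    root_of_trust = der_seq(der_octets(boot_key), tlv(b"\x01", b"\xff" if locked else b"\x00"),
                            der_enum(state), der_octets(boot_hash))
    tee_enforced = der_seq(tlv(ctx_tag(TAG_ROOT_OF_TRUST), root_of_trust),
                           tlv(ctx_tag(TAG_OS_VERSION), der_int(os_version)),
                           tlv(ctx_tag(TAG_OS_PATCH_LEVEL), der_int(patch)))
    return der_seq(der_int(4), der_enum(level), der_int(4), der_enum(level),         # versions, levels
                   der_octets(challenge), der_octets(b""), der_seq(), tee_enforced)  # challenge, uniqueId, sw, tee

# --- DER decoder ---
def read_tlv(buf, pos=0):
    """Return (tag class, tag number, body, end offset) of the TLV at pos."""
    first, pos = buf[pos], pos + 1
    cls, num = first >> 6, first & 0x1F
    if num == 0x1F:                                    # high-tag-number form: base-128 digits
        num, b = 0, 0x80
        while b & 0x80:
            b, pos = buf[pos], pos + 1
            num = (num << 7) | (b & 0x7F)
    ln, pos = buf[pos], pos + 1
    if ln & 0x80:                                      # long-form length
        n = ln & 0x7F
        ln, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return cls, num, buf[pos:pos + ln], pos + ln

def seq_items(body):                                   # the TLVs packed inside a SEQUENCE body
    pos, items = 0, []
    while pos < len(body):
        cls, num, inner, pos = read_tlv(body, pos)
        items.append((cls, num, inner))
    return items
def der_to_int(b): return int.from_bytes(b, "big", signed=True)

def parse_auth_list(body):
    out = {}
    for cls, num, inner in seq_items(body):
        if cls != 2:                                   # only [n] EXPLICIT entries are decoded here
            continue
        _, _, value, _ = read_tlv(inner)               # strip the EXPLICIT wrapper
        if num == TAG_ROOT_OF_TRUST:
            key, locked, state, digest = seq_items(value)
            out["rootOfTrust"] = {"verifiedBootKey": key[2], "deviceLocked": locked[2] != b"\x00",
                                  "verifiedBootState": state[2][0], "verifiedBootHash": digest[2]}
        elif num == TAG_OS_VERSION:
            out["osVersion"] = der_to_int(value)
        elif num == TAG_OS_PATCH_LEVEL:
            out["osPatchLevel"] = der_to_int(value)
    return out

def parse_key_description(ext):
    cls, num, body, _ = read_tlv(ext)
    if (cls, num) != (0, 16):
        raise ValueError("KeyDescription must be a SEQUENCE")
    f = [item[2] for item in seq_items(body)]          # fields in schema order
    return {"attestationVersion": der_to_int(f[0]), "attestationSecurityLevel": f[1][0],
            "attestationChallenge": f[4], "teeEnforced": parse_auth_list(f[7])}

# --- TOFU pairing and per-attestation checks (simplified) ---
def pin_on_first_use(kd):                              # at pairing: what later attestations must match
    tee = kd["teeEnforced"]
    return {"verifiedBootKey": tee["rootOfTrust"]["verifiedBootKey"],
            "osVersion": tee["osVersion"], "osPatchLevel": tee["osPatchLevel"]}

def check_attestation(kd, pinned, challenge, min_level=TEE):
    """Return the failed checks; an empty list means the device verified."""
    tee, rot = kd["teeEnforced"], kd["teeEnforced"].get("rootOfTrust")
    if rot is None:
        return ["no hardware-enforced root of trust"]
    checks = [
        (kd["attestationChallenge"] == challenge, "challenge mismatch (replayed attestation)"),
        (kd["attestationSecurityLevel"] >= min_level, "attestation below the required security level"),
        (rot["deviceLocked"], "bootloader unlocked"),
        (rot["verifiedBootState"] == VERIFIED, "verified boot state is not Verified"),
        (rot["verifiedBootKey"] == pinned["verifiedBootKey"], "verified boot key differs from the pinned one"),
        (tee.get("osVersion", 0) >= pinned["osVersion"] and tee.get("osPatchLevel", 0) >= pinned["osPatchLevel"],
         "OS version or patch level downgraded"),
    ]
    return [msg for ok, msg in checks if not ok]
# constructed sample: the pairing attestation, then a later one from the same device after an OS downgrade
BOOT_KEY, BOOT_HASH, CHALLENGE = bytes(range(32)), bytes(32), b"nonce-from-auditor"  # placeholder values
FIRST = parse_key_description(build_extension(CHALLENGE, BOOT_KEY, BOOT_HASH, True, VERIFIED, 110000, 202108))
PINNED = pin_on_first_use(FIRST)
DOWNGRADED = parse_key_description(build_extension(CHALLENGE, BOOT_KEY, BOOT_HASH, True, VERIFIED, 100000, 202108))
```

`check_attestation(FIRST, PINNED, CHALLENGE)` returns an empty list for the freshly paired device, while the same call on `DOWNGRADED` reports the OS downgrade because the pinned `osVersion` is higher. The challenge must be a fresh nonce chosen by the verifying side for every run, otherwise an old attestation can be replayed; and on a real device the extension comes from the leaf certificate of a chain that has already been validated up to the known attestation root, which is what lets a verifier trust the decoded fields in the first place.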
Security enhancements offered by future generations of hardware and future Android releases will be closely tracked by these projects. The core workflow and feature set are already implemented, but the foundation will be regularly improved along with major improvements to the user interface and documentation. The app and service are designed to be forwards and backwards compatible via a versioned protocol to permit substantial changes down the road.
Device support:
Any device with Android 7.0 or later can run the Auditor app and use it to verify other devices. However, only devices launched with Android 8.0 or later have the necessary hardware support for being verified. Each device model also needs to be explicitly integrated into the app.