Mobile Device Boot Protection

Trusted Boot, a feature of the Knox Platform, protects the boot process of Samsung mobile devices. It identifies unauthorized and outdated bootloaders and distinguishes them from authorized ones, protecting the device from compromise.

When unauthorized boot components are loaded, enterprises can rely on Trusted Boot to ensure that only validated and up-to-date components are allowed to run, separating authorized bootloaders from unauthorized ones.

To verify device integrity, enterprises can use Knox Attestation, which analyzes Trusted Boot measurement data together with the SE for Android enforcement setting to produce a device health assessment.

Bootloader measurements are stored in secure TrustZone memory during device boot. At runtime, applications running inside TrustZone use these measurements to make security-critical decisions, such as whether to release cryptographic keys from the Knox Keystore or launch the Work profile app container.

If an unauthorized or outdated component version is detected, a tamper fuse is triggered. Once the fuse is triggered, sensitive work apps and data within the Work container become permanently encrypted and inaccessible, because the device's integrity can no longer be guaranteed or validated.

Despite this lockdown, users can still boot the device and launch personal apps. This balances consumer functions, such as phone calls and personal apps, against the need to protect enterprise data.

Trusted Boot builds on Secure Boot, which Samsung devices previously relied on to prevent unauthorized bootloaders and operating systems from loading during startup. Secure Boot cryptographically verifies each bootloader's signature in a sequential chain, with the root of trust residing in hardware. If any verification step fails, the boot process terminates.

While Secure Boot blocks unauthorized bootloaders, it cannot distinguish between different authorized versions of a binary. For instance, it cannot tell a bootloader with a known vulnerability from a later patched version, because both versions carry valid signatures. Trusted Boot was specifically developed to verify the integrity of the same bootloader, kernel, and platform build.
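
The difference between the two checks, as an added Python model (not Samsung's code and not part of the original page). HMAC with a constructed key stands in for the hardware-rooted signature check, and the minimum-version table `FLOOR`, the stage names, and the version numbers are assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed demo key. HMAC stands in for the asymmetric signature check
# that a hardware root of trust would perform; it is not the real scheme.
VENDOR_KEY = b"constructed-demo-key"

@dataclass(frozen=True)
class Stage:
    name: str
    version: int
    image: bytes
    sig: bytes

def sign_stage(name: str, version: int, image: bytes) -> bytes:
    msg = f"{name}:{version}:".encode() + image
    return hmac.new(VENDOR_KEY, msg, hashlib.sha256).digest()

def make_stage(name: str, version: int, image: bytes) -> Stage:
    return Stage(name, version, image, sign_stage(name, version, image))

def secure_boot(chain: list[Stage]) -> bool:
    """Signature-only check of every stage, in boot order."""
    return all(hmac.compare_digest(s.sig, sign_stage(s.name, s.version, s.image))
               for s in chain)

def measure(chain: list[Stage]) -> list[tuple[str, int, str]]:
    """Measurements recorded at boot: (name, version, image digest)."""
    return [(s.name, s.version, hashlib.sha256(s.image).hexdigest())
            for s in chain]

def boot(chain: list[Stage], floor: dict[str, int]) -> str:
    if not secure_boot(chain):
        return "halted"                      # bad signature: boot terminates
    # Assumed policy: a component is outdated if below its minimum version.
    outdated = any(ver < floor[name] for name, ver, _ in measure(chain))
    # Signed but outdated: the device still boots, work keys stay locked.
    return "personal-only" if outdated else "work-unlocked"

# Constructed sample chains (hypothetical names and version numbers).
FLOOR = {"bootloader": 3, "kernel": 7}
PATCHED = [make_stage("bootloader", 3, b"bl-v3"), make_stage("kernel", 7, b"k-v7")]
ROLLBACK = [make_stage("bootloader", 2, b"bl-v2"), PATCHED[1]]
TAMPERED = [Stage("bootloader", 3, b"bl-evil", PATCHED[0].sig), PATCHED[1]]
```

`ROLLBACK` passes `secure_boot` because the older bootloader is validly signed, yet `boot` refuses to unlock work data for it; `TAMPERED` never gets past the signature check.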

Knox Verified Boot (KVB) expands and enhances Android Verified Boot (AVB). While AVB checks the integrity of only the kernel and platform components, KVB extends these checks to the earlier bootloaders. This validation ensures that all components booted on the device are properly signed and derived from the same build. KVB performs the same validations as the existing Trusted Boot mechanism, but it does so before the device kernel is booted, which strengthens data protection.

With KVB, component checks are performed directly in the bootloader, and validation occurs before system services are started. KVB is supported on Samsung S10 and subsequent devices running the Android P operating system or later.