![]() Since a synthetic password used for remote unlocking is not exposed to the outside of an Android device, the manufacturer still cannot unlock the device without user consent. Our design supports two-factor authentication, distributed authority, trust-boundary minimization, and key management. Android security is hardware-based (e.g., hardware-backed Keystore), so we seek to preserve this security level by designing a new remote unlocking service without modifying trusted execution environments. If the remote unlocking service is triggered by requests over-the-air, it may increase the attack surface of Android security. Nevertheless, not many manufacturers support remote unlocking services for Android devices. Manufacturers can improve non-face-to-face customer services in the COVID-19 era. ![]() Users can continue using the device without factory-resetting when they unexpectedly forget their passphrases. Remote unlocking for Android devices may benefit both users and manufacturers.
0 Comments
Leave a Reply. |