This page contains recommendations to ensure that the hardware present on Android devices contributes to raising the overall security of the device instead of compromising the security of the device.
It is important to understand the potential security tradeoffs when selecting memory for Android devices. For example, certain types of memory may enable the execution of Rowhammer style attacks.
- Android devices should use memory that contains mitigations against Rowhammer style attacks. Device manufacturers should work closely with their memory manufacturers for additional details.
It is important to securely store and handle cryptographic keys that are available on the device. This is typically done on Android devices by utilizing a hardware-backed Keymaster implemented in an isolated environment, such as the Trusted Execution Environment (TEE). It is further recommended to also support a StrongBox Keymaster, which is implemented in tamper-resistant hardware.
- Ensure that the StrongBox Keymaster is running in an environment that has a discrete CPU, secure storage, a high quality true random number generator, tamper resistant packaging, and side channel resistance to meet the requirements to qualify as a StrongBox Keymaster. See the Android 9 CDD, section 9.11.2 for more information on the requirements.