The research was unveiled at Microsoft’s BlueHat conference. The bugs could be exploited to bypass Windows Hello authentication.
Blackwing Intelligence security researchers found vulnerabilities in Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops; the flaws lie in the embedded fingerprint sensors made by Goodix, Synaptics, and ELAN. Attackers can use these newly found flaws to bypass Windows Hello login.
The Blackwing Intelligence researchers’ first target: Dell Inspiron
The Dell Inspiron laptop has a match-on-chip sensor developed by Goodix and embedded within the device. The sensor fully supports Windows Hello and SDCP, and it also has good Linux support.
The attack: boot the target device into Linux, enroll the attacker’s fingerprint on the Linux side, and give it the same ID that a legitimate Windows user has in the database.
The second target: Lenovo ThinkPad T14s
Instead of relying on SDCP, the Synaptics fingerprint sensor uses a custom TLS stack to secure USB communication between the host driver and the sensor. So, to proceed further, the researchers needed to break that TLS layer.
Once they could negotiate TLS and communicate with the sensor, the researchers could do whatever they wanted.
The third target: Microsoft Surface Pro X/8 Type Cover
The ELAN fingerprint sensor embedded in the Microsoft Surface Type Cover looked like the most formidable challenge of the three, and time was running short. The researchers decided to take only a quick look and were surprised by what they found:
- No SDCP
- Cleartext USB communication
- No authentication
In fact, any USB device can claim to be the ELAN sensor (by spoofing its VID/PID) and simply assert that an authorized user is logging in!
A prerequisite for exploiting any of the fingerprint readers is that the laptop user has already set up fingerprint authentication.
Windows Hello Enhanced Sign-in Security (ESS) only supports match-on-chip sensors.
All three fingerprint sensors use a “match on chip” (MoC) sensor type that integrates biometric management functions directly into the sensor’s circuit.
The chip stores a database of “fingerprint templates,” which is the biometric data obtained by the fingerprint sensor. Enrollment and matching are performed within the chip, so the fingerprint templates never leave the chip.
This method eliminates any privacy concerns of biometric data being stored and potentially extracted from the host, even if the host is compromised.
Moreover, this approach also prevents attacks that involve sending images of valid fingerprints to the host for matching. Microsoft Windows Hello Enhanced Sign-in Security (ESS) requires match-on-chip sensors and doesn’t support match-on-host.
MoC on its own, however, does not prevent a replay of previously recorded traffic between the host and the sensor.
Microsoft created the Secure Device Connection Protocol (SDCP) to enable secure biometrics with fingerprint sensors.
It consists of a set of standards and a secure communications protocol with the following goals:
- Ensuring the fingerprint device is trusted
- Ensuring the fingerprint device is healthy
- Protecting input between the fingerprint device and the host
The researchers discovered new techniques to bypass these protections and carry out adversary-in-the-middle (AitM) attacks.
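As an added illustration, not code from the Blackwing write-up or from Microsoft’s SDCP implementation, the following Python models the host-side check that SDCP’s “protecting input” goal implies: the sensor must bind its match result to a fresh host nonce under a key that only a trusted sensor holds, so that neither a spoofed USB device nor a replayed capture is accepted. The key agreement SDCP performs at connect time is assumed already done and replaced here by a constructed shared key; the SID strings are constructed placeholders. For contrast, the block also models a host that accepts a cleartext SID, which is the situation the article describes for the ELAN sensor.

```python
import hashlib
import hmac
import secrets

# Constructed stand-in for the secret that SDCP's connect step derives between
# the host and a trusted sensor (real SDCP uses ECDH plus a KDF; the key
# agreement itself is out of scope for this model).
SESSION_KEY = secrets.token_bytes(32)

# Constructed placeholder identity; a real deployment uses the user's Windows SID.
EXAMPLE_SID = "S-1-5-21-EXAMPLE-1001"


class SdcpLikeHost:
    """Host-side verifier modelled on SDCP's authorize exchange (simplified)."""

    def __init__(self, session_key: bytes):
        self._key = session_key
        self._outstanding = set()  # nonces issued but not yet consumed

    def new_nonce(self) -> bytes:
        """Issue a fresh challenge; the sensor must echo it inside its MAC."""
        nonce = secrets.token_bytes(32)
        self._outstanding.add(nonce)
        return nonce

    def verify(self, nonce: bytes, sid: str, mac: bytes) -> bool:
        """Accept an authorization only if it answers a live nonce with the session key."""
        if nonce not in self._outstanding:
            return False  # never issued, or already consumed: a replay
        expected = hmac.new(self._key, nonce + sid.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, mac):
            return False  # device does not hold the session key (spoofed sensor)
        self._outstanding.discard(nonce)  # one answer per nonce
        return True


def trusted_sensor_authorize(nonce: bytes, matched_sid: str) -> tuple:
    """Model of a genuine sensor: binds its match result to the host's nonce."""
    mac = hmac.new(SESSION_KEY, nonce + matched_sid.encode(), hashlib.sha256).digest()
    return nonce, matched_sid, mac


def cleartext_host_accepts(sid: str) -> bool:
    """Model of a host that trusts a cleartext SID from whatever device is plugged in."""
    return bool(sid)  # there is nothing to check: any claimed identity is accepted


def run_scenarios() -> dict:
    """Exercise the verifier against a genuine answer, a replay, and a spoofed device."""
    host = SdcpLikeHost(SESSION_KEY)
    results = {}

    # 1. Genuine sensor answers a fresh nonce: accepted.
    msg = trusted_sensor_authorize(host.new_nonce(), EXAMPLE_SID)
    results["genuine"] = host.verify(*msg)

    # 2. The same captured message presented again: rejected, nonce already consumed.
    results["replay"] = host.verify(*msg)

    # 3. Device without the session key (spoofed VID/PID) fabricates a MAC: rejected.
    nonce = host.new_nonce()
    forged_mac = hashlib.sha256(nonce + EXAMPLE_SID.encode()).digest()  # unkeyed guess
    results["spoofed_device"] = host.verify(nonce, EXAMPLE_SID, forged_mac)

    # 4. A cleartext host has no such check and accepts the claimed SID outright.
    results["cleartext_host"] = cleartext_host_accepts(EXAMPLE_SID)
    return results


if __name__ == "__main__":
    for name, accepted in run_scenarios().items():
        print(f"{name:15s} -> {'accepted' if accepted else 'rejected'}")
```

The model covers only the third SDCP goal (protecting input) plus replay resistance; the “trusted” and “healthy” goals rest on the device certificates and firmware measurements that SDCP checks at connect time, which are not represented here.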
The ELAN fingerprint sensor was found to be vulnerable because it lacks SDCP support and transmits security identifiers (SIDs) in cleartext. This made it possible for any USB device to pose as the fingerprint sensor and falsely authenticate an unauthorized user.
Instead of SDCP, the Synaptics sensor relies on a custom TLS stack to secure USB communication between the host driver and the sensor. So, to go further, we needed to break TLS.
The Goodix attack relies on a significant difference between the enrollment operations carried out on Windows and on Linux. The exploit takes advantage of the fact that Linux doesn’t support SDCP and uses this to perform the following steps:
- Boot to Linux
- Enumerate valid IDs
- Enroll the attacker’s fingerprint using the same ID as a legitimate Windows user
- MitM the connection between the host and the sensor
- Boot Windows
- Intercept and rewrite the configuration packet to point to the Linux DB using the MitM
- Log in as the legitimate user with the attacker’s print
It is important to note that the Goodix sensor has different fingerprint databases for Windows and non-Windows systems. However, the sensor can be attacked due to the unauthenticated configuration packet sent by the host driver to the sensor during initialization. This packet specifies which database to use.
To prevent such attacks, it is advisable for original equipment manufacturers (OEMs) to enable SDCP and to have qualified independent experts audit the fingerprint sensor implementation.
The researchers make two recommendations to vendors of biometric authentication solutions:
- Make sure SDCP is enabled. SDCP only helps if it is actually turned on.
- Have a qualified third-party expert audit the implementation to ensure it is properly executed.