Key points
- Google engaged NCC Group in winter 2022 to review the Privacy Sandbox Aggregation Service.
- The Aggregation Service decrypts and combines aggregatable reports, adds noise, and returns a summary while running in a trusted execution environment (TEE) on cloud infrastructure.
- NCC Group’s assessment included Web Services Assessment (dynamic testing and code review), Architecture Design Review, Cryptography Design and Implementation Review, and a Holistic Attacker-Modeled Pentest.
- Cryptography review specifically covered the Aggregation Service implementation and split-key features intended to protect data confidentiality.
- NCC Group completed a retest in spring 2023 and found Google’s fixes effectively addressed the reported findings.
- The full public report is available as a downloadable PDF hosted by NCC Group.
MITRE Techniques
- [T1190] Exploit Public-Facing Application – Dynamic testing of the Aggregation Service simulated attacks against internet-facing components to find vulnerabilities: ‘Web Services Assessment … from the perspective of an external attacker.’
- [T1553] Subvert Trust Controls – The use of a Trusted Execution Environment (TEE) and split-key cryptography addresses risks around compromising trust boundaries and key material: ‘This service runs in a trusted execution environment (TEE)’ and ‘split key features.’
Indicators of Compromise
- [Domain] Report hosting domain – research.nccgroup.com
- [File name / Download] Public report PDF – NCC_Group_Google_Privacy_Sandbox_Public_Report_v2.pdf (https://research.nccgroup.com/wp-content/uploads/2024/04/NCC_Group_Google_Privacy_Sandbox_Public_Report_v2.pdf)
- [URL] Source article – https://research.nccgroup.com/2024/03/28/public-report-google-privacy-sandbox-aggregation-service-and-coordinator/
Google commissioned an independent security review of the Aggregation Service, a Privacy Sandbox component that receives aggregatable reports from client-side APIs, decrypts and merges those payloads, adds differentially private noise, and returns aggregated measurement outputs. The service is designed to operate inside a cloud-hosted Trusted Execution Environment (TEE) and incorporates split-key cryptographic controls to limit exposure of plaintext data and cryptographic material.
NCC Group’s evaluation consisted of four technical streams: a Web Services Assessment involving dynamic testing and code review targeting internet-facing components; an Architecture Design Review of the system’s overall design and deployment; a Cryptography Design and Implementation Review focused on encryption, split-key mechanisms, and implementation correctness; and a Holistic Attacker-Modeled Pentest simulating a malicious ad-tech firm to find logic or privacy weaknesses. After Google implemented recommended fixes, NCC Group performed a spring 2023 retest and reported that the mitigations effectively addressed the findings.
The complete technical report and findings are published by NCC Group and available for download as a PDF from their research site. Read more: https://research.nccgroup.com/2024/03/28/public-report-google-privacy-sandbox-aggregation-service-and-coordinator/