The full-disk encryption protecting your Android can be cracked.
If you have an Android device running 5.0 (Lollipop) or later, and powered by a Qualcomm Snapdragon processor, then you should know that a security researcher demonstrated how to crack the full-disk encryption (FDE) with brute-force attacks; the fix is not necessarily as simple as installing new firmware and might require changes to hardware.
Full-disk encryption, which is supported on devices running Lollipop and later, is supposed to protect files on the storage drive. Android uses a randomly chosen 128-bit device encryption key which is further encrypted using a user’s PIN, password or swipe pattern. The master key, or Device Encryption Key (DEK), is stored on a user’s device; it is bound to the device’s hardware through Android’s KeyMaster, which runs in the TrustZone. In other words, an attacker should not be able to extract the crypto key from this walled-off and protected section.
But security researcher Gal Beniamini demonstrated how an attacker could use brute-force attacks to extract the key off a locked phone that has a Qualcomm processor. Not only did he show “how TrustZone kernel code-execution can be used to effectively break Android's Full Disk Encryption (FDE) scheme,” he also released the attack code; on GitHub, Beniamini provided both the source code to extract Qualcomm’s KeyMaster keys as well as the Python scripts to brute-force the FDE off the device.
“The key derivation is not hardware bound,” Beniamini explained. “Instead of using a real hardware key which cannot be extracted by software (for example, the SHK), the KeyMaster application uses a key derived from the SHK and directly available to TrustZone.”
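A simplified model of the key hierarchy described above, added here as an illustration and not taken from Beniamini's code or from Android itself: PBKDF2, the HMAC mixing step, the toy wrap and every name are assumptions. It shows what the hardware binding contributes, and that once the binding key is readable by software the user's credential is the only secret left, so its entropy sets the cost of an off-device search.

```python
import hashlib
import hmac
import math
import os


def derive_kek(credential: bytes, salt: bytes, binding_key: bytes) -> bytes:
    """Stretch the credential, then mix in the device-bound key (model only)."""
    stretched = hashlib.pbkdf2_hmac("sha256", credential, salt, 10_000)
    return hmac.new(binding_key, stretched, hashlib.sha256).digest()


def wrap_dek(dek: bytes, kek: bytes):
    """Toy wrap: XOR with a KEK-derived pad, plus a MAC so unwrap can verify."""
    pad = hashlib.sha256(kek + b"pad").digest()[:len(dek)]
    ct = bytes(a ^ b for a, b in zip(dek, pad))
    return ct, hmac.new(kek, ct, hashlib.sha256).digest()


def unwrap_dek(ct: bytes, tag: bytes, kek: bytes):
    """Return the DEK, or None when the KEK (credential or binding key) is wrong."""
    if not hmac.compare_digest(tag, hmac.new(kek, ct, hashlib.sha256).digest()):
        return None
    pad = hashlib.sha256(kek + b"pad").digest()[:len(ct)]
    return bytes(a ^ b for a, b in zip(ct, pad))


def credential_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a uniformly random credential, in bits."""
    return length * math.log2(alphabet_size)


def demo() -> dict:
    dek = os.urandom(16)           # 128-bit DEK, as in the article
    salt = os.urandom(16)
    binding_key = os.urandom(32)   # constructed stand-in for the device-bound key
    pin = b"4821"                  # constructed sample credential
    ct, tag = wrap_dek(dek, derive_kek(pin, salt, binding_key))
    return {
        # Correct credential plus the device's binding key recovers the DEK.
        "on_device": unwrap_dek(ct, tag, derive_kek(pin, salt, binding_key)) == dek,
        # Without the binding key, even the correct credential verifies nothing.
        "off_device_no_key": unwrap_dek(ct, tag, derive_kek(pin, salt, os.urandom(32))) is None,
        # If the binding key leaks, only this much entropy protects the DEK.
        "pin_4_digit_bits": credential_bits(10, 4),
        "passphrase_12_alnum_bits": credential_bits(62, 12),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

A four-digit PIN contributes roughly 13 bits against the 128 bits of the DEK it protects, which is why a long passphrase is the practical mitigation on devices where the binding key can be reached by software.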
It’s not only attackers who could break the encryption on vulnerable devices, according to Beniamini. He suggested OEMs might comply with law enforcement to break Android’s full-disk encryption. “Since the key is available to TrustZone, OEMs could simply create and sign a TrustZone image which extracts the KeyMaster keys and flash it to the target device,” he wrote. “This would allow law enforcement to easily brute-force the FDE password off the device using the leaked keys.”
Millions of Androids are reportedly still vulnerable, even though Qualcomm said “patches were made available to our customers and partners,” and Google said it rolled out patches in May and January. Duo Security told Ars Technica that an estimated 37 percent of all Android phones running the Duo app had not yet received the patches.
“Patching TrustZone vulnerabilities does not necessarily protect you from this issue,” Beniamini wrote. “Even on patched devices, if an attacker can obtain the encrypted disk image (e.g. by using forensic tools), they can then ‘downgrade’ the device to a vulnerable version, extract the key by exploiting TrustZone, and use them to brute-force the encryption. Since the key is derived directly from the SHK, and the SHK cannot be modified, this renders all down-gradable devices directly vulnerable.”
Beniamini delved into the technical details which you can check out in full on “Bits, Please!” He concluded:
As we've seen, the current encryption scheme is far from bullet-proof, and can be hacked by an adversary or even broken by the OEMs themselves (if they are coerced to comply with law enforcement). I hope that by shedding light on the subject, this research will motivate OEMs and Google to come together and think of a more robust solution for FDE.