We may have thought that Android is just as safe as the iPhone when it comes to encryption, but it looks like Google’s Android operating system has a critical flaw that can be exploited to decrypt a device. Even worse, while there are patches that can fix the issue, it seems that attackers can simply downgrade to a pre-patch state, and then decrypt a target device with ease.
Security researcher Gal Beniamini demonstrated this unexpected flaw in Android encryption, as Network World explains. Full-disk encryption is available on devices running Android 5.0 Lollipop or later, and the attack works on phones that are powered by Qualcomm processors.
Full-disk encryption (FDE) is supposed to encrypt the device with 128-bit device encryption. Decrypting should be impossible without knowing the PIN, password or gesture that protects the device.
The Device Encryption Key (DEK) found on the device is bound to that device through Android’s KeyMaster, which runs in the TrustZone. But Beniamini proved that he could brute-force his way into extracting the key off a locked phone, and he provided the tools necessary to do it on Github.
“The key derivation is not hardware bound,” Beniamini said. “Instead of using a real hardware key which cannot be extracted by software (for example, the SHK), the KeyMaster application uses a key derived from the SHK and directly available to TrustZone.”
He continued, “Since the key is available to TrustZone, OEMs could simply create and sign a TrustZone image which extracts the KeyMaster keys and flash it to the target device. This would allow law enforcement to easily brute-force the FDE password off the device using the leaked keys.”
It appears that millions of Android devices are still vulnerable. Qualcomm and Google have patched the issue with updates in May and January, but many users haven’t yet received the patch.
Even once the fix is installed, the patches will not offer full protection. “If an attacker can obtain the encrypted disk image (e.g. by using forensic tools), they can then ‘downgrade’ the device to a vulnerable version, extract the key by exploiting TrustZone, and use them to brute-force the encryption,” the researcher said. “Since the key is derived directly from the SHK, and the SHK cannot be modified, this renders all down-gradable devices directly vulnerable.”