Flaws in Android full disk encryption revealed

An Israeli university student has found flaws in Android, which would allow a brute force attack to crack the full disk encryption

Python script and GPUs can be deployed to crack smartphone security
Python script and GPUs can be deployed to crack smartphone security

The full-disk encryption security feature used on millions of Android-based smartphones and tablets can be cracked open, according to a security researcher.

According to Israeli university student Gal Beniamini, the security feature can be broken using brute force attacks that take advantage of a number of vulnerabilities in different components on the platform.

From Android 5.0 onwards the OS automatically protect all of the user's information by enabling full disk encryption. But Beniamini has created working code that uses flaws on Android devices, especially ones running Qualcomm processors to get hold of the key that secures files.

Android uses a 2048-bit RSA key as well as a user PIN, password or pattern to encrypt files, but the way Qualcomm implements some security measures, combined with flaws in the Android kernel means that this key can be obtained and data decrypted.

Beniamini said the device generates a randomly-chosen 128-bit master key (or Device Encryption Key - DEK) and a 128-bit randomly-chosen salt. The DEK is then protected using an elaborate key derivation scheme, which uses the user's provided unlock credentials (PIN/Password/Pattern) in order to derive a key which will ultimately encrypt the DEK.

The key is bound to the device to prevent off-device brute force attacks. The binding is carried out  using Android's Hardware-Backed Keystore, called KeyMaster. The module runs in a Trusted Execution Environment (TEE) which is considered the "secure world," while the Android OS is the "non-secure world”.

KeyMaster generates encryption keys and carries out cryptographic functions without revealing data in the main operating system. Generated keys are encrypted and returned to the main OS, and when keys are required, an encrypted block of data, the key blob, must be provided to KeyMaster. The key blob contains a 2,048-bit RSA key which runs inside a secure portion of the device's processor and is required for cryptographic processes.

It's down to the device manufacturer to implement KeyMaster. For Qualcomm this is located in the Snapdragon TrustZone. Beniamini found that is is possible to exploit an Android security hole to extract the keys from TrustZone.

A Trusted Execution Environment called QSEE (Qualcomm Secure Execution Environment) which enables small apps, called "Trustlets," to run inside of the  secure environment.

An Android flaw allows a hacker to  load a QSEE app inside TrustZone, leading to privilege escalation and theft of the unencrypted blob with the keys generated for full disk encryption.

Once this is done a brute force attack can be carried out to find out a user's password or PIN.

“I believe this issue underscores the need for a solution that entangles the full disk encryption key with the device's hardware in a way which cannot be bypassed using software. Perhaps that means redesigning the FDE's KDF. Perhaps this can be addressed using additional hardware. I think this is something Google and OEMs should definitely get together and think about,” said Beniamini in a blog post.  

Matthias Reichert, head of Engineering at Promon, told SCMagazineUK.com that this proves that mobile operating systems and their security concepts are vulnerable.

“Malware would work by trying to get data directly out of mobile apps that only rely on a secure operating system but have no countermeasures themselves against being attacked by malware vectors. Thus, an attacker would go for the ‘low hanging fruit' by attacking unsecured apps (at rest or at runtime), trying to gather keys that are stored or used inside the app itself. The app is the ‘endpoint': an endpoint of decryption when communicating to enterprise networks or other servers – so why not attack the app directly,” he said.

Winston Bond, EMEA Technical Director at Arxan, told SC that although the exploration here didn't completely break through the security of the TrustZone Trusted Execution Environment, it has exposed some interested vulnerabilities in the coding and design of some specific applications, including Android's Full Disk Encryption.

“Reverse-engineering is a key part of the methodology here, and the lesson to be learnt is that a Trusted Execution Environment isn't a get out of jail free card for developers of secure software. There is still a substantial chunk of fairly complicated ordinary software that has to be got right, and which is vulnerable to reverse engineering,” he said.

“Developers need to ensure they are deploying advanced protection tools and techniques if they want to stop people from picking their code apart. White-box cryptography is another effective approach, combining mathematical algorithms with data and code obfuscation techniques to transform the key and related operations, making it nearly impossible for hackers to locate them in the code.”