06 August 2016
Today we will be talking about the security measures Google has built into Android smartphones. Encryption became a focus of international media attention when the San Bernardino case happened. During the investigation, the FBI asked Apple to unlock an iPhone, but the tech giant refused, as doing so would be a threat to all Apple iOS users.
The FBI tried to focus on the moral side of the story during the court hearing. Although Apple won the case, an FBI official later stated that they had opened the iPhone used in the San Bernardino case with the help of a third party. Today we are going to discuss full disk encryption, this time in the Android ecosystem, and unfortunately the news about full encryption on Android smartphones is not positive, particularly for devices running on Qualcomm chips.
Security researcher Gal Pet today publicly announced that he has found a way of evading the encryption on Android smartphones that run on a Qualcomm SoC and are above Android 5.0 Lollipop. The research done by Pet is quite technical, and we recommend going to the source for the detailed information. We will try to discuss the process in simple terms and look at the consequences of this research.
Before going into the research, let's look at the method Android uses to create the encryption key used by the memory encryption process. The encryption key uses both the PIN selected by the user and a key generated by the KeyMaster module; this master key is placed in a special zone dubbed TrustZone, which is not accessible from outside. Together, the key generated by KeyMaster and the user's PIN create a high-level security code which can't be evaded unless the hacker knows one of them.
The easiest way to evade the user's PIN is a brute force attack, as the PIN is usually short and simple. The system puts all its effort into making it impossible to access the master key from outside, so the master key cannot be attacked from outside.
Unfortunately for Qualcomm-based Android smartphones, it now seems possible to access KeyMaster from outside. According to Pet's analysis, this can be done through reverse engineering. Once the reverse engineering is done, it is quite possible to evade the TrustZone security of Android smartphones running on a Qualcomm SoC. Qualcomm's TrustZone implementation is called QSEE (Qualcomm Secure Execution Environment).
Through reverse engineering, the master key can be found, and then just a few brute force attacks on the PIN give full access to the protected memory of a Qualcomm Android smartphone. Both Google and Qualcomm have been informed of the issue and have released a number of patches, but so far none is a permanent solution.
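To see why the secrecy of the master key matters so much, here is a simplified model of a disk key that depends on both a PIN and a device-held key. It is an added example, not code from the research or from Android: the function names, the PBKDF2/HMAC construction, the low round count and all sample values are assumptions chosen for illustration.

```python
import hashlib
import hmac
import math

KDF_ROUNDS = 100  # constructed, deliberately low so the model runs quickly


def derive_disk_key(credential: str, device_key: bytes, salt: bytes) -> bytes:
    """Stretch the user's credential, then bind it to the device-held key."""
    stretched = hashlib.pbkdf2_hmac("sha256", credential.encode(), salt, KDF_ROUNDS)
    return hmac.new(device_key, stretched, hashlib.sha256).digest()


def guesses_needed(target: bytes, device_key: bytes, salt: bytes, digits: int):
    """Walk the numeric PIN space in order with the given device key.

    Returns how many candidates were derived before one matched `target`,
    or None when no PIN of that length reproduces the key.
    """
    for n in range(10 ** digits):
        candidate = derive_disk_key(f"{n:0{digits}d}", device_key, salt)
        if hmac.compare_digest(candidate, target):
            return n + 1
    return None


def credential_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a uniformly chosen credential, in bits."""
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    # Constructed sample values, not taken from any real device.
    device_key = hashlib.sha256(b"constructed device key").digest()
    other_key = hashlib.sha256(b"a different constructed key").digest()
    salt = b"constructed-salt"
    disk_key = derive_disk_key("4821", device_key, salt)

    # Key still inside the secure zone: a guesser holding any other key
    # cannot confirm a single PIN, even the correct one.
    print("without the device key:", guesses_needed(disk_key, other_key, salt, 4))
    # Key exposed: the PIN space alone decides how long the search lasts.
    print("with the device key:   ", guesses_needed(disk_key, device_key, salt, 4))
    for label, size, length in [("4-digit PIN", 10, 4), ("6-digit PIN", 10, 6),
                                ("10-char lowercase+digit passphrase", 36, 10)]:
        print(f"{label}: {credential_bits(size, length):.1f} bits")
```

In this model the only thing left protecting the data once the device key is known is the size of the credential space, which is why a longer passphrase holds up far better than a short PIN.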
Further on in the long analysis report, Beniamini also explains the key differences between the encryption processes used by Apple and the Android ecosystem. Apple's encryption method is based on a unique hardware key which can be linked to any device, whereas the Android ecosystem is more tied to software; that is why it is not difficult for OEMs to get the master key of a device to decrypt it, which is not possible for iOS devices.
Still, the risk is confined to a very specific area, and it is unlikely that someone would spend resources and time just to steal the documents or holiday photos saved on your smartphone. That said, full disk encryption is not fully secure on any ecosystem, and no operating system guarantees the absolute security of the data in a user's mobile memory. Do share your views below: do you think the revelation made in Pet's analysis is a threat to your Qualcomm Android smartphone or not?