On the Android security front, a new report has been released on a topic that has been the focus of media attention during the first half of the year: full encryption of a device. The debate exploded internationally after Apple refused to unlock an iPhone at the express request of the FBI, which brought to light the moral side of the whole story: strong security protects ordinary citizens, but it can also protect a potential murderer.

Here too the subject is full disk encryption, but on Android, and the news is not particularly positive. Security researcher Gal Beniamini announced that he has found a way to obtain the KeyMaster key that protects the encryption on Android devices from version 5.0 with a Qualcomm SoC. The full procedure and analysis are very technical, and we refer readers to the original source for the detailed explanation, but we will try to explain, in simple terms, the principle on which this encryption rests, how it can be bypassed and what the consequences are.

The analysis begins by explaining how Android derives the key used to encrypt the storage: it combines the PIN chosen by the user with a key generated by the KeyMaster, a component that sits entirely outside Android. To avoid security problems, the KeyMaster runs in a reserved area called the TrustZone, which is inaccessible from outside. The combination of the two elements, the PIN and the KeyMaster key, produces a high-security key that cannot be circumvented by knowing only one of the two. Of the two, the easier to obtain by brute force is the user's PIN, which is often short and simple for the sake of convenience. The whole security of the system therefore rests on the KeyMaster being inaccessible, which renders any such attack futile.
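To make the two-element construction concrete, here is an added Python model (example code written for this article, not Android's or Qualcomm's code and not taken from the report): the PIN is stretched with PBKDF2 and then bound with an HMAC under a device secret that stands in for the KeyMaster key, and the resulting key wraps the disk encryption key. The salt, device secret and disk key are constructed values. Unlocking succeeds only with both the right PIN and the right device secret; with the wrong secret the correct PIN is useless, which is exactly why the design holds only as long as the secret stays inside the trusted environment.

```python
"""Toy model of PIN + device-bound key for Android-style full disk encryption.

Constructed example: stand-alone illustration, not Android's or Qualcomm's code.
"""
import hashlib
import hmac

PBKDF2_ITERATIONS = 100_000  # software key stretching; real devices tune this
DEK_LEN = 32                 # length of the disk encryption key being protected


def derive_wrap_key(pin: str, salt: bytes, device_secret: bytes) -> bytes:
    """Stretch the user's PIN, then bind the result to a device secret.

    PBKDF2 models the software stretching step. The HMAC under device_secret
    models the KeyMaster contribution: a value that only the hardware-backed
    environment holding the secret is supposed to be able to compute, so the
    final key cannot be derived from the PIN alone.
    """
    stretched = hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, PBKDF2_ITERATIONS)
    return hmac.new(device_secret, stretched, hashlib.sha256).digest()


def wrap_dek(dek: bytes, wrap_key: bytes) -> bytes:
    """Encrypt a fresh DEK under wrap_key and append an integrity tag.

    Separate encryption and MAC keys are derived from wrap_key. The DEK is
    masked with a single-use 32-byte keystream (wrap_key is unique to this
    PIN, salt and device, so the keystream is never reused), then
    authenticated so that a wrong key is detected rather than yielding garbage.
    """
    if len(dek) != DEK_LEN:
        raise ValueError("DEK must be exactly 32 bytes")
    enc_key = hashlib.sha256(b"enc" + wrap_key).digest()
    mac_key = hashlib.sha256(b"mac" + wrap_key).digest()
    ciphertext = bytes(a ^ b for a, b in zip(dek, enc_key))
    tag = hmac.new(mac_key, ciphertext, hashlib.sha256).digest()
    return ciphertext + tag


def unwrap_dek(blob: bytes, wrap_key: bytes):
    """Return the DEK if wrap_key is correct, None if the tag does not verify."""
    if len(blob) != DEK_LEN + 32:
        return None
    ciphertext, tag = blob[:DEK_LEN], blob[DEK_LEN:]
    enc_key = hashlib.sha256(b"enc" + wrap_key).digest()
    mac_key = hashlib.sha256(b"mac" + wrap_key).digest()
    expected = hmac.new(mac_key, ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ciphertext, enc_key))


def unlock(pin: str, salt: bytes, device_secret: bytes, blob: bytes):
    """Model a boot-time unlock: PIN from the user, secret from the device."""
    return unwrap_dek(blob, derive_wrap_key(pin, salt, device_secret))


if __name__ == "__main__":
    # Constructed values for the demonstration only.
    salt = b"constructed-salt"
    device_secret = bytes([0x11] * 32)   # secret held inside the trusted environment
    other_device = bytes([0x22] * 32)    # a different device's secret
    dek = bytes(range(DEK_LEN))

    blob = wrap_dek(dek, derive_wrap_key("1234", salt, device_secret))
    print("correct PIN, this device: ", unlock("1234", salt, device_secret, blob) == dek)
    print("correct PIN, other device:", unlock("1234", salt, other_device, blob))
    print("wrong PIN, this device:   ", unlock("0000", salt, device_secret, blob))
```

The point the model makes is that the PIN contributes very little entropy on its own; what keeps the wrapped key safe is that every guess must pass through `derive_wrap_key` with the real device secret, which a properly isolated KeyMaster never hands out.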

Unfortunately, that inaccessibility turns out to be theoretical: through reverse engineering, the researcher showed that it is possible to break into the TrustZone implementation on Qualcomm devices, called QSEE (Qualcomm Secure Execution Environment), gain access to the KeyMaster and from there begin the decryption process; the PIN is then obtained by brute force, giving full access to the protected storage. Solving the problem permanently requires new hardware, because even the updates issued by Qualcomm and Google, who were promptly informed, can be circumvented through insecure QSEE versions.

The difference between the encryption system used by Apple and the one Google chose for Android is that iOS ties the key to a unique hardware key in each device, whereas Android relies more heavily on software, which would allow any manufacturer to obtain the KeyMaster key and decrypt the device, something that is not possible on iOS. Obviously these are not procedures available to everyone, so the risk is confined to very specific and sensitive fields of work; nobody is going to spend their time and resources to steal one user's holiday photos or documents. In any case, it is important to know that full disk encryption on Android, as on any other operating system, does not guarantee the absolute security of the data.

Discovered a way to bypass the encryption on Android devices with Qualcomm SoC