A security researcher has discovered how to bypass full disk encryption on the Android operating system. Two security holes in Qualcomm’s TrustZone implementation allow the discovery of encrypted files on the drive.
The exploit was conceived and published by Gal Beniamini, who explained on his blog how he arrived at his find. According to the security researcher, two vulnerabilities can be used in TrustZone, the hardware security system developed by ARM that is used in Qualcomm chips, among others. The bugs are numbered CVE-2015-6639 and CVE-2016-2431, but have already been patched by Google in updates released in January and May. As a result, it is not clear how many Android users are still susceptible to the bugs.
Beniamini discovered that it is possible to retrieve the encryption keys by accessing the so-called Qualcomm Secure Execution Environment. Within this environment, certain applications can be run separately from the Android operating system itself. One of those apps is Keymaster, which manages, among other things, keys for the disk encryption for Android. It is possible to extract the stored keys from TrustZone, and then use them to bypass the encryption.
However, physical access to the device is required to extract the keys from TrustZone; with only malware, malicious parties will not be able to bypass the security. An image has to be flashed to trick TrustZone. The method is therefore particularly suitable for government agencies that want to crack confiscated smartphones from suspects.
However, in order to access the file system, a brute force attack still requires the user’s password or PIN to be retrieved. Normally, just retrieving the password will not work as it is used in conjunction with the encryption key to maintain security. Even after finding out the encryption key, it is possible that users are still well protected; those who choose a long and complex password are less susceptible to a brute force attack.
Qualcomm is aware of the issues with the implementation of TrustZone, but a quick fix for the vulnerabilities does not appear to be forthcoming. It might require hardware changes, says Beniamini. Google introduced file system encryption with Android 5.0. As of version 6.0, Google required disk encryption for some Android devices.
Due to the security issues, users with an encrypted file system are still prone to stealing data. This only applies to devices that are built on the basis of a Qualcomm soc, and therefore run on an Android version that does not have the latest security patches. Incidentally, Beniamini states that other chip makers may also have a vulnerable implementation of TrustZone, but this has not yet been investigated.