1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

The full-disk encryption protecting your Android can be cracked

Discussion in 'Network World' started by RSS, Jul 3, 2016.

  1. RSS

    RSS New Member Member

    If you have an Android device running 5.0 (Lollipop) or later, and powered by a Qualcomm Snapdragon processor, then you should know that a security researcher demonstrated how to crack the full-disk encryption (FDE) with brute-force attacks; the fix is not necessarily as simple as installing new firmware and might require changes to hardware.

    Full-disk encryption, which is supported on devices running Lollipop on up, is supposed to protect files on the storage drive. Android uses a randomly chosen 128-bit device encryption key which is further encrypted using a user’s PIN, password or swipe pattern. The master key, or Device Encryption Key (DEK), is stored on a user’s device; it is bound to the device’s hardware though Android’s KeyMaster, which runs in the TrustZone. In other words, an attacker should not be able to extract the crypto key for this walled-off and protected section.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page