Samsung S8 Encryption Failure


The FBI went to court to try to force Apple's hand, since Apple did not want to write code that would circumvent its own security system. Around the same time, a critical vulnerability was found in the Android kernel that grants root access while bypassing all of the platform's defence mechanisms. The two events are unrelated, but their coincidence in time neatly illustrates how differently the two popular mobile operating systems approach security. Let us set aside for a moment the Android kernel vulnerability, which most manufacturers are unlikely ever to patch in already released models, and look instead at the data encryption mechanisms in Android and in Apple iOS. First, though, a word on why encryption on a mobile device matters at all.

Why encrypt the phone?

"An honest person has nothing to hide" is the most popular refrain heard after every publication on data protection. "I have nothing to hide," say many users. Alas, far more often this merely expresses confidence that nobody will bother digging into the data of some ordinary Vasya Pupkin: who would be interested in him? Practice shows otherwise. We need not look far: just last week a school teacher's career ended because the phone was left on a desk for a moment. Pupils unlocked the device on the spot and pulled from it photos of the teacher in a state that the puritan morals of American society condemn. The incident was grounds enough for the teacher's dismissal. Similar stories happen almost daily.

How to crack unencrypted phones

We will not go into details; just keep in mind that data can be extracted from an unencrypted phone in almost one hundred percent of cases. The "almost" mostly covers cases where someone tried to physically damage or destroy the phone right before it was collected. Many Android and Windows Phone devices have a service mode that lets you dump the entire contents of the device's memory over an ordinary USB cable. This applies to most devices on the Qualcomm platform (the HS-USB mode, which works even with a locked bootloader), to Chinese smartphones with MediaTek (MTK), Spreadtrum and Allwinner processors (if the bootloader is unlocked), and to all LG smartphones (these have a particularly convenient service mode that allows dumping data even from a "bricked" device).

Even if the phone has no such service back door, data can still be obtained by disassembling the device and connecting to the JTAG test port. In the most advanced cases the eMMC chip is unsoldered from the board and placed in a very simple, very cheap adapter: the chip speaks the same protocol as an ordinary SD card. If the data was not encrypted, everything is easily retrieved from the phone, including the authentication tokens that grant access to your cloud storage.

And if encryption was turned on? In older versions of Android (up to and including 4.4) it could be circumvented (with the exception, however, of Samsung-made devices). Android 5.0 finally introduced a strong encryption mode. But is it as useful as Google believes? Let's try to figure it out.

Android 5.0-6.0

The first device running Android 5.0 was the Google Nexus 6, released in 2014 by Motorola. At that time 64-bit mobile processors with the ARMv8 architecture were already being actively promoted, but Qualcomm had no ready solution on that platform. As a result, the Nexus 6 used the Snapdragon 805 chipset, based on Qualcomm's 32-bit cores.

Why does this matter? ARMv8-based processors have a built-in instruction set that accelerates on-the-fly encryption of data; 32-bit ARMv7 processors do not.

Now watch closely. The processor has no instructions for accelerating crypto, so Qualcomm integrated a dedicated hardware module into the chipset to perform the same functions. But something went wrong on Google's side. Either the drivers were not added in time for release, or Qualcomm did not provide the source code (or did not allow it to be published in AOSP). The details are not public, but the result is: the Nexus 6 shocked reviewers with an extremely slow storage read speed. How slow? Something like this:

[Figure: encrypted data read/write speed]

The reason for the eight-fold lag behind its "younger brother", the Motorola Moto X 2014, is simple: forced encryption, implemented by the company purely in software. In real life, Nexus 6 users on the original firmware complained of numerous lags and freezes, noticeable heating of the device and relatively poor battery life. Installing a kernel that disabled the forcibly activated encryption solved all of these problems at once.

But firmware is something you can always finish later, right? Especially if you are Google, with unlimited money and the most qualified developers on staff. Well, let's see what happened next.

Then came Android 5.1 (six months later), in which the necessary drivers for the hardware accelerator were first added in a preview build and then removed again from the final release because of serious problems with sleep mode. Then came Android 6.0, by which time users had lost interest in this game and were disabling encryption by any means available, using third-party kernels. Or not disabling it, if a read speed of 25-30 MB/s was enough for them.
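The whole story above turns on two questions an administrator can answer for any Android device in hand: is the storage actually encrypted, and is the kernel's AES path hardware-backed or the generic C code that made the Nexus 6 crawl? The script below is an added example, not code from the article or from Elcomsoft. It reads the same artefacts you would pull with adb (the ro.crypto.state and ro.crypto.type properties, /proc/cpuinfo and /proc/crypto), but the inputs embedded here are constructed samples so it runs offline; the driver-name patterns (-ce for ARMv8 Crypto Extensions, -neon for NEON) follow the Linux arm64 crypto drivers, while a vendor engine such as the Qualcomm module mentioned above registers under its own name and would need its own pattern.

```shell
#!/bin/sh
# Added example (not from the article or from Elcomsoft): decide, from artefacts
# an administrator can pull with adb, whether a device is encrypted and whether
# its kernel's AES-XTS path is hardware-backed or pure software.
# On a real device the inputs come from:
#   adb shell getprop ro.crypto.state   -> "encrypted" / "unencrypted"
#   adb shell getprop ro.crypto.type    -> "block" (full-disk) / "file" (file-based)
#   adb shell cat /proc/cpuinfo         -> "Features" line lists "aes" on ARMv8 with CE
#   adb shell cat /proc/crypto          -> registered cipher drivers and priorities
# (pipe adb output through tr -d '\r' on old adb versions).
# The samples below are CONSTRUCTED so the script runs offline.

SAMPLE_CPUINFO='processor : 0
model name : ARMv8 Processor rev 1 (v8l)
Features : fp asimd evtstrm aes pmull sha1 sha2 crc32
'

# Two xts(aes) implementations registered; the kernel picks the higher priority.
SAMPLE_CRYPTO_CE='name : xts(aes)
driver : xts-aes-ce
module : kernel
priority : 300

name : xts(aes)
driver : xts(aes-generic)
module : kernel
priority : 100
'

# A 32-bit SoC whose vendor crypto driver never shipped: only the generic C code.
SAMPLE_CRYPTO_GENERIC='name : xts(aes)
driver : xts(aes-generic)
module : kernel
priority : 100
'

# cpu_has_aes CPUINFO_TEXT -> prints yes|no (does the CPU advertise the AES instructions?)
cpu_has_aes() {
    printf '%s\n' "$1" | awk 'BEGIN { r = "no" }
        /^Features/ { for (i = 1; i <= NF; i++) if ($i == "aes") r = "yes" }
        END { print r }'
}

# xts_aes_driver CRYPTO_TEXT -> prints the driver name of the highest-priority
# xts(aes) entry (the one dm-crypt will actually use), or nothing if none.
xts_aes_driver() {
    printf '%s\n' "$1" | awk -v RS= -v FS='\n' '
        { name = ""; drv = ""; pri = 0
          for (i = 1; i <= NF; i++) {
              split($i, kv, / *: */)
              if (kv[1] == "name") name = kv[2]
              else if (kv[1] == "driver") drv = kv[2]
              else if (kv[1] == "priority") pri = kv[2] + 0
          }
          if (name == "xts(aes)" && pri > best) { best = pri; bestdrv = drv }
        }
        END { print bestdrv }'
}

# assess STATE TYPE CPUINFO_TEXT CRYPTO_TEXT
# returns 0: encrypted with hardware AES, 2: encrypted in software, 1: not encrypted.
# Vendor crypto engines (e.g. a Qualcomm module) register under their own driver
# names (assumption: not modelled here) and would need an extra case pattern.
assess() {
    state=$1; type=$2
    aes=$(cpu_has_aes "$3")
    drv=$(xts_aes_driver "$4")
    if [ "$state" != "encrypted" ]; then
        echo "NOT ENCRYPTED: flash contents are readable via service mode, JTAG or chip-off"
        return 1
    fi
    case "$drv" in
        "")     echo "encrypted ($type): no xts(aes) driver registered at all"; return 2 ;;
        *-ce)   echo "encrypted ($type): AES via ARMv8 Crypto Extensions ($drv, cpu aes=$aes)"; return 0 ;;
        *-neon) echo "encrypted ($type): AES via NEON SIMD ($drv), faster than generic but still software"; return 2 ;;
        *)      echo "encrypted ($type): generic software AES ($drv); expect the Nexus 6-style throughput penalty"; return 2 ;;
    esac
}

# Stand-alone demonstration on the constructed ARMv8 sample.
assess encrypted block "$SAMPLE_CPUINFO" "$SAMPLE_CRYPTO_CE"
```

On a live device the call becomes `assess "$(adb shell getprop ro.crypto.state)" "$(adb shell getprop ro.crypto.type)" "$(adb shell cat /proc/cpuinfo)" "$(adb shell cat /proc/crypto)"`; the exit code makes the check usable from a fleet inventory script, where exit 1 (unencrypted) is the finding that matters most, and exit 2 flags devices whose users are paying the software-encryption performance tax described above.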

Android 7.0

So could the serious problem of a flagship that was by then almost two years old be fixed in Android 7? It could, and it was! In the Elcomsoft laboratory we compared the performance of two identical Nexus 6 units: one running Android 6.0.1 with the ElementalX kernel (and encryption disabled), the other running the first preview build of Android 7 with default settings (encryption enabled). The result is obvious:


Oleg Afonin

Expert in mobile forensics at Elcomsoft