Cracking Android's full-disk encryption is easy on millions of phones – with a little patience
Just need a couple of common bugs, some GPUs and time
So... is it patched?
If you're running a Nexus device or otherwise have received and installed the fixes from Google and Qualcomm, then you're safe until the next privilege escalation bugs are found (and there will be more. There always is). Without these programming flaws, you cannot leap from userspace to the kernel to QSEE to KeyMaster.
However, there's a large pool of unpatched Android handsets out there because it's down to the manufacturers and mobile carriers to test, validate and distribute updates to their customers. People's phones and tablets won't trust patches unless they've been signed off by their manufacturers, and Android hardware makers are notoriously slow to do so. That leaves folks with holes in their handhelds' operating system.
A lot of the time, Google can quietly push out patches via Google Play services: the software can install fixes directly from the mothership, bypassing tardy hardware makers. However, problems deep within Android and its drivers – such as the bugs exploited to crack the KeyMaster – cannot be fixed by the Play services, and must be fixed via updates obtained from the manufacturer. When they finally appear, of course.
Even if you are patched, this issue isn't going to go away, Beniamini said, because the way the Qualcomm TrustZone operates means that if another privilege escalation hole is found it can be used in the same way.
"If anyone finds another TrustZone bug in the KeyMaster module, or manages to elevate privileges to the TrustZone kernel, they'd be able to extract the KeyMaster keys again," he said. "This is really the sore point of it all – it means that the FDE scheme is only as strong as the TrustZone software."
Beniamini's exploit code, published on GitHub, checks out according to security experts contacted by The Reg, and the attack does make it possible to brute-force decrypt a phone's file system. Obviously, the stronger the PIN or password, the longer it will take to crack the encryption key – but it's better than trying to crack a 2048-bit RSA key.
"I've been contacted by the developer of hashcat, a platform used to rapidly crack various types of hashes and PRFs," Beniamini said.
"He said he would like to implement the key derivation function (which is the function being brute-forced) in the hashcat framework. Such an implementation would be very fast (and even faster once you 'throw' more hardware at it)."
Google pointed out that the issue is patched in the latest build of Android. Qualcomm told The Register that it had been working with Beniamini and Google on the issue after finding the bugs some time ago.
A Google spokesperson said: "We appreciate the researcher's findings and paid him for his work through our Vulnerability Rewards Program. We rolled out patches for these issues earlier this year."
Alex Gantman, vice president of engineering at Qualcomm, told us: "It's an architectural problem in how current Android architecture handles FDE. We are aware of this and are working with Google to make this more robust in the future."
The fear is that a serious change will require new hardware, leaving older customers with insecure handsets. But Gantman said that there are "things that can be done" with the existing hardware to make this kind of attack a lot less plausible. ®