Analysing Android's Full Disk Encryption Feature
نویسندگان
چکیده
Since Android 4.0, which was released in October 2011, users of Android smartphones are provided with a built-in encryption feature to protect their home partitions. In the work at hand, we give a structured analysis of this software-based encryption solution. For example, software-based encryption always requires at least a small part of the disk to remain unencrypted; in Android this is the entire system partition. Unencrypted parts of a disk can be read out and are open to system manipulations. We present a tool named EvilDroid to show that with physical access to an encrypted smartphone only (i.e., without user level privileges), the Android system partition can be subverted with keylogging. Additionally, as it was exemplary shown by attacks against Galaxy Nexus devices in 2012, Android-driven ARM devices are vulnerable to cold boot attacks. Data recovery tools like FROST exploit the remanence effect of RAM to recover data from encrypted smartphones, at worst the disk encryption key. With a Linux kernel module named Armored, we demonstrate that Android’s software encryption can be improved to withstand cold boot attacks by performing AES entirely on the CPU without RAM. As a consequence, cold boot attacks on encryption keys can be defeated. We present both a detailed security and a performance analysis of Armored.
منابع مشابه
Android full-disk encryption: a security assessment
Mobile phones evolved from basic telecommunication devices to smartphones which are, in essence, pocket computers. With this technological evolution their usage also changed. Nowadays users do not just keep contact details and text messages but also e-mails, chat communications, documents, browsing history and other data stored on their mobiles. Different actors are interested in this data: cri...
متن کاملBypassing Local Windows Authentication to Defeat Full Disk Encryption
Full disk encryption is a defensive measure in which all data stored on a physical disk or volume is encrypted, therefore protecting any data stored on a device such as saved passwords, emails, session tokens, and intellectual property. Full disk encryption protects data at rest, assuring confidentiality even when an attacker has physical access such as when a device is lost or stolen. BitLocke...
متن کاملgot HW crypto? On the (in)security of a Self-Encrypting Drive series
Self encrypting devices (SEDs) doing full disk encryption are getting more and more widespread. Hardware implemented AES encryption provides fast and transparent encryption of all user data on the storage medium, at all times. In this paper we will look into some models in a self encryption external hard drive series; the Western Digital My Passport series. We will describe the security model o...
متن کاملAn Adaptive Technique using Advanced Encryption Standard to Implement Hard Disk Security
The main objective of the paper is to study and develop an efficient method for Hard Disk Drive(HDD) Security using Full Disk Encryption (FDE) with Advanced Encryption Standards(AES) for data security specifically for Personal Computers(PCS) and Laptops. The focus of this work is to authenticate and protect the content of HDD from illegal use. The paper proposes an adaptive methods for protecti...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- JoWUA
دوره 5 شماره
صفحات -
تاریخ انتشار 2014