Analysing Android's Full Disk Encryption Feature

Beitrag in einer Fachzeitschrift
(Originalarbeit)


Details zur Publikation

Autorinnen und Autoren: Götzfried J, Müller T
Auflage: 1
Titel Sammelwerk: Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications
Zeitschrift: Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications
Verlag: JoWUA
Verlagsort: Korea
Jahr der Veröffentlichung: 2014
Band: 5
Seitenbereich: 84-100
ISSN: 2093-5374


Abstract

Since Android 4.0, which was released in October 2011, users of Android smartphones are provided with a built-in encryption feature to protect their home partitions. In the work at hand, we give a structured analysis of this software-based encryption solution. For example, software-based encryption always requires at least a small part of the disk to remain unencrypted; in Android this is the entire system partition. Unencrypted parts of a disk can be read out and are open to system manipulations. We present a tool named EvilDroid to show that with physical access to an encrypted smartphone only (i.e., without user level privileges), the Android system partition can be subverted with keylogging. Additionally, as it was exemplary shown by attacks against Galaxy Nexus devices in 2012, Android-driven ARM devices are vulnerable to cold boot attacks. Data recovery tools like FROST exploit the remanence effect of RAM to recover data from encrypted smartphones, at worst the disk encryption key. With a Linux kernel module named Armored, we demonstrate that Android's software encryption can be improved to withstand cold boot attacks by performing AES entirely on the CPU without RAM. As a consequence, cold boot attacks on encryption keys can be defeated. We present both a detailed security and a performance analysis of Armored.


FAU-Autorinnen und Autoren / FAU-Herausgeberinnen und Herausgeber

Götzfried, Johannes
Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen)
Müller, Tilo Dr.-Ing.
Lehrstuhl für Informatik 1 (IT-Sicherheitsinfrastrukturen)


Zitierweisen

APA:
Götzfried, J., & Müller, T. (2014). Analysing Android's Full Disk Encryption Feature. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications, 5, 84-100.

MLA:
Götzfried, Johannes, and Tilo Müller. "Analysing Android's Full Disk Encryption Feature." Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications 5 (2014): 84-100.

BibTeX: 

Zuletzt aktualisiert 2018-07-11 um 16:38