Any encryption method can theoretically be brute-force attacked successfully, but only with enough compute resources and time. A vulnerability in how Qualcomm chipsets handled Androids FDE (full disk encryption) makes it far easier to simply find and steal the keys used for encryption instead.

Qualcomm Android FDE Vulnerability

Qualcomm Android devices can be decrypted much easier than others, for now

Gal Benjamin showed two vulnerabilities within the Qualcomm Secure Execution Environment, Qualcomm’s own version of the ARM TrustZone, a separate hardware module that runs its own kernel to hold secret keys and to generate passwords and can even run an isolated instance of an OS to run protected code that you don’t want to easily be hacked. Samsung’s Knox makes heavy use of it to have a completely separate and secure profile for business that’s different than your personal one.

The problem is in how the Device Encryption Key, the key used to encrypt the entire disk, is stored. Though it itself is encrypted with a a key that’s derived from your device password, it seems that the DEK is actually stored in a secure software environment that’s easily extracted. Decrypting the key is a bit more easy, and has even worse implications. Benjamin used a simple Python script on the phone itself to find the key in the KeyMaster and extract to extract that key, and it could be brute-forced directly on the device itself or exported to be decrypted faster on a purpose built compute cluster, or in the cloud.

Qualcomm has since issued a patch since it’s been discovered, though it seems that because it’s kept in a portion of the software itself, it can still be extracted via forensic tools if one has the encrypted disk image itself. This is only a vulnerability in Qualcomm’s implementation of encryption, however. Apple and even other ARM designs keep the keys completely separate from the OS in a dedicated hardware module that takes far more than simple tools to extract from. One would need to use a chip-off method where the physical memory is detached and placed in specialized equipment to read. That’s an expensive venture.

But the fact still remains that acquiring an decrypting your device is surprisingly easy and there’s still little that can be done, even if it isn’t quite as easily exposed. It’s still at risk regardless. It’s been patched in Android, but not all devices receive those timely updates and this leaves many devices at risk. Qualcomm is also the market leader in ARM-like chipsets for mobile devices. Hopefully a security patch is pushed out by all makers soon so everyone can be more protected.