I’m talking about this article that I remember reading last year, but I never fully comprehend it. https://archive.md/qgBWB
Especially one of the images:
What does “BFU Extractions” mean? Does it just straight up bypass any lockscreen, even Before First Unlock?
The first time I came across that article, I just assumed if you have a strong password, your fine, now I’m not so sure, I’m starting to get a bit paranoid… 😖
It means they can rip the encrypted data off the phone, then take it over to a system with a bunch of GPUs and brute-force the password.
password in this case, would it be the phones password, or a encryption key that uses the phones password for decryption?
if it’s the phones password, I assume if a password unlock was configured instead of a passcode, it would be significantly harder to brute force.
Same thing. Your lockscreen password/pattern/whatever is also the user partition decryption key. This is why BFU/AFU is a thing. After a reboot, the first unlock decrypts the partition. The key is stored in RAM. The only way to reset this is to reboot.
ok, I feel password lock would be more secure in this case then since its harder to brute force. For some that might be worth the more of a hassle unlocking
Not necessarily. The longer the better. Most people use a 4-digit passcode or simple pattern. A long passcode, generated by a CSPRNG is probably the best. I don’t know how biometrics stack up.
Biometrics are worst than a pin in a situation where your phone us hooked up to Cellebrite, because most likely they can just take your fingerprints, or make you press the sensor by force. Or even worse with facial recognition, because they can just wave the phone in front of you to unlock it.
It’s generally not super good otherwise either, at least not as a reliable way to derive an encryption key while being tolerant enough to damaged skin and positioning and all.
Biometrics are a good compromise for daily convenience: most people care about if they lose their phones or it gets stolen, and a thief will just factory reset it and flip it especially of the full qwerty keyboard pops up. Biometrics are still usually backed by a PIN or password, so biometrics makes it bearable to use a strong password since you only need to enter it once every couple days. And that password is the encryption key, so in BFU state you’re safe.
But isn’t the key supposed to be in the “Secure Element” (or whatever they call it)?
It’s derived by both a key from the TEE and the PIN/password.
The reason for that is so you need both the user’s correct password, and the TEE to agree to hand out the key, which it may refuse to do if there’s been too many attempts. When you factory reset it just generates a new key, instantly making all the previous data permanently inaccessible. The TEE will also wipe the key if you unlock the bootloader or try to break in the wrong way.
It’s still only roadblocks though, extract the key from the TEE and you have unlimited attempts on what are usually weak 4-6 digit PINs. It’s not a lot of tries. Then you better hope you had a good password.
It’s possible that they discovered a weakness in the way the keys are generated in the TPM (or whatever it’s called for Android), which brings the time to brute force down from 1,000 years to a few weeks with massive GPUs?
Similar story, as of a few years ago, OpenSSH announced deprecating support for RSA keys keys because of a vulnerability in SHA-1 hashing, where they cited research showing a determined attacker could break the key with $50k of compute power, which may seem like a lot, but is pretty feasible, necessitating the deprecation
I don’t know about the Android system, but during the initial design and fabrication, the hardware may have not been designed to withstand the compute power just a few years later, and can not be easily updated to improve the security. These are the weaknessed Cellebrite is looking for.
To an individual. For a business, that’s a quarterly spend. For the government, it doesn’t even come up in budget reviews.
Interesting. I figured there was just a backdoor in Knox or iOS it was using.
Theyre not saying anything about reading the key off the phone. Brute force the key by trying every key against the encrypted data dump.