Abstract
At the end of 2011, Google released version 4.0 of its Android operating system for smartphones. For the first time, Android smartphone owners were supplied with a disk encryption feature that transparently encrypts user partitions. On the downside, encrypted smartphones are a nightmare for IT forensics and law enforcement, because brute force appears to be the only option to recover encrypted data by technical means. However, RAM contents are necessarily left unencrypted and, as we show, they can be acquired from live systems with physical access only. To this end, we present the data recovery tool Frost (Forensic Recovery of Scrambled Telephones). Using Galaxy Nexus devices from Samsung as an example, we show that it is possible to perform cold boot attacks against Android smartphones and to retrieve valuable information from RAM. This information includes personal messages, photos, passwords and the encryption key. Since smartphones are only seldom switched off, and since the tools that we provide need not be installed before the attack, our method can be applied in real cases.
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Müller, T., Spreitzenbarth, M. (2013). FROST. In: Jacobson, M., Locasto, M., Mohassel, P., Safavi-Naini, R. (eds) Applied Cryptography and Network Security. ACNS 2013. Lecture Notes in Computer Science, vol 7954. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38980-1_23
DOI: https://doi.org/10.1007/978-3-642-38980-1_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-38979-5
Online ISBN: 978-3-642-38980-1
eBook Packages: Computer Science, Computer Science (R0)