Unveiling Encryption Key Vulnerability in Qualcomm-Powered Android Devices

An in-depth analysis led by an Israeli researcher, Gal Beniamini, has discovered a worrying vulnerability in Android’s Full Disk Encryption (FDE) on hardware using Qualcomm’s chip. The study, published [in his blog post](https://bits-please.blogspot.com.ng/2016/06/extracting-qualcomms-keymaster-keys.html) casts a spotlight on the unwelcome comparison between the encoder safety of iOS – which was ultimately decimated by the FBI – and Qualcomm boosted Android devices, which maintain encryption keys in the software.

Two vulnerabilities, [CVE-2015-6639](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6639) and [CVE-2016-2431](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2431) form the crux of this research. Although Google and Qualcomm have reportedly fixed them, with the first in January and the latter in May, they still awarded the researcher for his effort under the bug bounty program.

Interestingly, while security team Duo Security confirmed that both flaws have been repaired on a large scale, they estimate that 37% of Android devices that employ the Duo app are still susceptible to attacks because patches have yet to reach them. Furthermore, Beniamini suggested that some Android devices once susceptible but subsequently repaired, including a tested Nexus 6 unit, can be reverted to their insecure former states.

Beniamini’s research imperatively included [exploit code](https://github.com/laginimaineb/ExtractKeyMaster) that extracts the disk encryption keys by effectively leveraging both vulnerabilities in [TrustZone](http://www.arm.com/products/processors/technologies/trustzone/index.php), a suite of security-related features within the [ARM processors](http://www.arm.com/products/processors/index.php) that Qualcomm provides to phone manufacturers.

A measure of the encryption potency of Apple’s iOS devices and Qualcomm augmented Android devices was provided by the researcher. He cited that each appliance has a unique, unchangeable 256-bit key termed the UID, which is arbitrarily generated and integrated into the device’s hardware during manufacturing. Even Apple is unable [to pry out from the device](http://techbooky.com/even-apple-cannot-access-encrypted-data-on-newer-iphones-plus-over-6-5-million-pay-for-apple-music/) once sealed in.

This research starkly highlights the considerable difference between the encryption provided by Apple’s iOS and Qualcomm’s Android devices. It is vital to note that while it might be a complex task to break into these Android devices, it is not entirely impossible with advanced techniques or a potentially robust password.

Beniamini’s research provides the following four concrete takeaways:

1. **The key derivation is not hardware bound.** This suggests that the vulnerability is software-based, escalating potential threat levels for millions of devices.

2. **OEMs can comply with law enforcement to break Full Disk Encryption.** Essentially, it would enable law enforcement agencies to effortlessly execute a brute-force attack on the FDE password off the device using leaked keys.

3. **Patching TrustZone vulnerabilities doesn’t necessarily provide full protection.** Attackers could potentially exploit TrustZone to extract keys and use them to brute-force the encryption.

4. **Android FDE is only as secure as the TrustZone kernel or KeyMaster.** This means finding vulnerabilities in either of them could potentially expose the KeyMaster keys, enabling off-device attacks on Android [FDE](https://www.techbooky.com/).

Android operating system vulnerabilities have often been the subject of numerous studies, with varying results. Despite several security breaches, the overarching problem lies not with Android itself, but primarily with third-party devices or applications susceptible to security breaches.

This article was updated in 2025 to reflect modern realities.