[SECURITY] Security on android - FS encryption, among others

Hi! I managed to compile a bionic version of cryptsetup with libcrypto instead of gcrypt, and I put it inside Steam Kernel, so anyone can play with it. This is actually not new to Android, as since Froyo the APKs that can be installed on the external SD are actually also using dm-crypt, although they are doing it through vold, and not via device-mapper. It is actually strange that Android has filesystem encryption inside the kernels by default, but they are using it to keep us out of the system, and not actually to make it harder for other people to get inside the system.

In Steam Kernel, you can now choose to apply filesystem encryption to any of the 3 main partitions (cache, data, dbdata). The password can be entered on the screen using one or multiple Swypes (up to 255 elements). Each swype creates a word, and words will be separated by "_". This mechanism was invented, as with this one can potentially achieve good-enough entropy (although I'm not a cryptanalyst), more so than with, for example, a simple PIN code entry box.

If you worry about speed, Quadrant scores are around 1400 if using ext4+crypt, so they're still better than stock rfs. I can't say much about battery life yet.

This feature is beta however, so don't trust valuable data to it yet, as it hasn't been thoroughly tested yet. (Encryption should be fine, I'm actually worried about data corruption.)

The way to secure Android is not yet finished however. I'm trying to find a way to secure adb, even if it's running in root mode. (As running adb in root mode is good for debugging, but bad for security.)

Questions on this topic are welcome.
The Following 14 Users Say Thank You to sztupy For This Useful Post
21st December 2010, 03:05 PM | #2 | supercurio
Very impressive stuff, and still opensource.

It's a real innovation, congrats!
The Following User Says Thank You to supercurio For This Useful Post
21st December 2010, 03:10 PM | #3 | supercurio
Quote:
Originally Posted by sztupy

The way to secure Android is not yet finished however. I'm trying to find a way to secure adb, even if it's running in root mode. (As running adb in root mode is good for debugging, but bad for security.)

The first weak security point for the Galaxy S phones is definitely the ability to flash anything with Odin.
As you cannot trust, well... anything, your Filesystem Encryption approach is definitely the good one!

The other current weak point is the adbd exploit (rageagainstthecage) - so easy to use. I guess you can replace adbd in your ramdisk with the Gingerbread one, which is not vulnerable, if not done already.
21st December 2010, 03:12 PM |#4  
Yes, this is really impressive man...
You should be hired by Samsung to set their software ass right :D
21st December 2010, 03:17 PM | #5 | sztupy (OP)
Quote:
Originally Posted by supercurio

The first weak security point for the Galaxy S phones is definitely the ability to flash anything with Odin.
As you cannot trust, well... anything, your Filesystem Encryption approach is definitely the good one!

The other current weak point is the adbd exploit (rageagainstthecage) - so easy to use. I guess you can replace adbd in your ramdisk with the Gingerbread one, which is not vulnerable, if not done already.

You would still lose the benefit of being secure + having the comfort of adb root. I'm more into the fact you have to log in to the phone in order to use adb, just like you have to log in to a real Linux.
21st December 2010, 05:50 PM | #6 | supercurio
Quote:
Originally Posted by sztupy

You would still lose the benefit of being secure + having the comfort of adb root. I'm more into the fact you have to log in to the phone in order to use adb, just like you have to log in to a real Linux.

I meant, for general security, we can replace the vulnerable adbd with a non-vulnerable updated one - just that -
21st December 2010, 06:08 PM | #7 | ragin
I feel your title could have security under [ ]. More noticeable.

AS I SEE IT NOW. supercurio's THANK's meter stands at 666. ROFL...

EVIL
22nd December 2010, 06:23 PM | #8 | kidoucorp
Seems really great!

I'm not sure about one thing: does this work when you power on the device (i.e., you'll have to enter a pass to make it boot to Android), or before being able to enter recovery? Or neither of these two things, and I totally misunderstood what you're saying?

I was about to ask Koush if he could add some (basic?) security system to his recovery, so that if your phone is stolen, they won't even be able to reflash a new ROM.

This security layer + WaveSecure or any similar software, and you would be sure that even if your phone is stolen / lost, nobody will be able to use it.

Anyway, thanks for your big stuff, will look deeper for sure when I get some free time, but your Steam package seems amazing.

Cheers
22nd December 2010, 10:09 PM | #9 | sztupy (OP)
This works when you want to mount the partition (e.g. at every boot). The partition cannot be mounted without a password, ever.
The Following User Says Thank You to sztupy For This Useful Post
22nd December 2010, 10:43 PM | #10 | mr_at_sgs
Amazing project. Good work.
22nd December 2010, 10:46 PM |#11  
Now wait just a moment... why would you encrypt those directories, when you alone (the user) are responsible for giving applications certain permissions? I mean... you agree to giving access to your Radio, messages and... whatever when you install applications, but then you want to encrypt certain directories. Why? You've already installed a trojan or a rootkit and given it permission to do whatever it wants to do. That's the main security issue.