2024-11-11 –, WestIn - Munich
Loosing your smartphone is painful enough, but having your data on there exposed to others can
be devastating. This is why securing personal data on smartphones is of paramount importance.
Android's Full Disk Encryption (FDE) is a robust feature designed to protect user data, but what
happens when your device stops working and you need to recover your encrypted data on it?
Join David as he delves into the depths of Android's Full Disk Encryption code in his quest to
recover lost encryption keys.
When David embarked on his side project of examining Android's FDE feature, his goal was to determine if it was possible to decrypt disk contents even if the device had been factory reset or partially broken. After some reverse engineering, countless trials and errors, and several surprising discoveries, he is now on the brink of success.
In this session, David will take the audience on a journey through how Android secures it storage, how and when TrustZones are involved, what Linux has to do with it and what unexpected discoveries he made along the way.
Android disk encryption hacking
David Gstir is an accomplished security researcher and software engineer with 15+ years of hands-on experience. He obtained a master's degree in computer sciences from the University of Technology Graz, Austria where he specialized in IT security and cryptography. In his master's thesis, he focused on analyzing attacks on AES, showcasing his expertise in this domain.
Throughout his career, David has been actively involved in security-related projects, successfully identifying vulnerabilities in various consumer and enterprise software. His extensive investigations encompass diverse areas such as password managers, Web3 solutions, embedded devices, and network security solutions.
In addition to his security expertise, David has a strong background in software engineering. He developed production-level software in a wide range of programming languages, and his contributions continue to be utilized today. He has particularly made contributions to open source software, playing a key role in introducing filesystem encryption and authentication to Linux' UBIFS subsystem.