19 Feb 2013

German Researchers Freeze Phone to Bypass Encryption


Ice can preserve many things, from food to flowers, but it can also keep volatile data on your encrypted smartphone long enough to expose your secrets. Or so a team of German researchers found out.

According to their research, the recovery process starts with letting the target smartphone chill in the freezer for about an hour. Because Android devices running version 4.0 and up have their storage automatically encrypted, data can only be accessed after entering the correct PIN. As with many other encryption mechanisms, the encryption keys are kept in RAM.

When the device is turned off, the information in RAM (the device's volatile memory) does not vanish instantly but persists for a while because of the remanence effect of the chips. The researchers only had to freeze the device for an hour after turning it off to slow the fading of the data.

The next step involves the use of FROST (Forensic Recovery of Scrambled Telephones) – a data recovery utility that can recover encryption keys stored in the volatile memory, then decrypt the cell phone’s storage.

Cold-boot attacks are nothing new in the IT&C industry, but the experiment by German researchers Tilo Müller and Michael Spreitzenbarth shows they can be used successfully against devices other than laptops and desktops. It also underlines the need for a contingency plan that includes device location and remote wipe in case a smartphone is lost: simply waiting for the battery to run out may not work as expected.