Dissecting the Modern Android Data Encryption Scheme

Explore the intricacies of Android's user data encryption in this conference talk from Recon 2023. Delve into the logic behind key generation and storage for File-Based Encryption, following the implementation steps in the Android Open Source Project (AOSP). Discover how elements from the file system, Trusted Execution Environment (TEE), and Secure Element combine with user credentials to create final encryption keys. Examine two attack scenarios targeting Gatekeeper and Weaver mechanisms, utilizing known software vulnerabilities on Samsung A22 and Pixel 3a devices. Gain comprehensive insights into user data encryption and authentication, covering design principles, implementation details, and attacker strategies. Learn from security researchers Maxime Rossi Bellom and Damiano Melotti as they present their findings on modern Android data encryption schemes, providing an up-to-date reference for fellow researchers reviewing these mechanisms and their internals.