Here’s how an encrypted, locked Android and Apple phone gets bypassed
Researchers have explained how a locked, encrypted smartphone, both Android and Apple, can be bypassed. Android is also more vulnerable to a bypass because of its fragmented nature.
Researchers at Johns Hopkins University have released a report that highlights the vulnerabilities in Android and iOS smartphone encryption, explaining how law enforcement agencies exploit them to get into locked devices.
The report comes at a time when various governments are pressing for backdoor access to overcome device encryption in cases where national security is said to be threatened.
According to the research, methods to get into a locked device are already available to law enforcement, provided they have the right knowledge and tools. This is possible because of existing security weaknesses in the iOS and Android ecosystems.
The research was conducted by Maximilian Zinkus, Tushar Jois, and Matthew Green of Johns Hopkins University and shows that Apple has a “powerful and compelling” set of security and privacy controls backed by strong encryption. However, there is a critical lack of coverage, since these tools are under-utilised, allowing law enforcement agencies and hackers to break in if they want.
“We observed that a surprising amount of sensitive data maintained by built-in apps is protected using a weak ‘available after first unlock’ (AFU) protection class, which does not evict decryption keys from memory when the phone is locked. The impact is that the vast majority of sensitive user data from Apple's built-in apps can be accessed from a phone that is captured and logically exploited while it is in a powered-on (but locked) state,” the report states.
There is also a weakness in cloud backups and services, as the researchers pointed out. They found “several counter-intuitive features of iCloud that increase the vulnerability of this system”.
The researchers also highlighted the “blurred nature” of Apple's documentation regarding end-to-end encrypted cloud services and the iCloud backup service.
In the case of Android smartphones, while the platform has strong protections, particularly on the latest flagship devices, the fragmented and inconsistent nature of security and privacy controls across Android devices makes them more vulnerable than Apple's.
The research also blames the slow rate at which Android updates actually reach devices, along with other software-architecture issues, as the main reasons for the high breach rate on Android phones.
“Android provides no equivalent of Apple's Complete Protection (CP) encryption class, which evicts decryption keys from memory shortly after the phone is locked. As a consequence, Android decryption keys remain in memory at all times after ‘first unlock’ and user data is potentially vulnerable to forensic capture,” the report states.
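To make the difference between the two protection classes concrete, here is a small Python model of which class keys are resident in memory in each lock state. It is added here and is not code from the report, Apple or Google; the per-item class assignments are constructed sample data, and modelling Android as offering only AFU (so CP-tagged items degrade to AFU) follows the report's claim quoted above.

```python
from enum import Enum


class ProtectionClass(Enum):
    """The two protection classes the report contrasts."""
    CP = "Complete Protection: key evicted shortly after lock"
    AFU = "Available After First Unlock: key kept in memory while locked"


class DeviceModel:
    """Simplified model of which class keys sit in RAM in each lock state.

    `supported` lists the classes the platform implements; the report says
    Android has no CP equivalent, so there any CP-tagged item degrades to AFU.
    """

    def __init__(self, supported):
        self.supported = frozenset(supported)
        self.resident = set()  # nothing resident before first unlock

    def effective_class(self, cls):
        return cls if cls in self.supported else ProtectionClass.AFU

    def unlock(self):
        self.resident = set(self.supported)

    def lock(self):
        # Only CP keys are evicted on lock; AFU keys stay resident by design.
        self.resident.discard(ProtectionClass.CP)

    def readable_now(self, items):
        """Names of items whose effective class key is currently in memory."""
        return sorted(name for name, cls in items.items()
                      if self.effective_class(cls) in self.resident)


# Constructed sample inventory, not the real per-app assignments.
SAMPLE_ITEMS = {
    "mail": ProtectionClass.CP,
    "messages": ProtectionClass.AFU,
    "photos": ProtectionClass.AFU,
}


def locked_exposure(supported, items=SAMPLE_ITEMS):
    """Exposure of a powered-on phone that was unlocked once, then locked."""
    device = DeviceModel(supported)
    device.unlock()
    device.lock()
    return device.readable_now(items)
```

Running `locked_exposure` with both classes returns only the AFU items, while the AFU-only (Android-style) model returns everything; a freshly booted model returns nothing, which is why the report singles out the powered-on, locked state.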
The report adds that the de-prioritisation and limited use of end-to-end encryption on Android is also at fault.
The researchers also point to Android's deep integration with Google services such as Drive, Gmail, and Photos, since these services hold rich user data that can be obtained far more easily than data held only on the device.
“It just really shocked me, because I came into this project thinking that these phones are really protecting user data well. Now I've come out of the project thinking almost nothing is protected as much as it could be. So why do we need a backdoor for law enforcement when the protections that these phones actually offer are so bad?” Johns Hopkins cryptographer Matthew Green told Wired.