A flaw in Qualcomm processors allows access to ciphered information

A flaw in Qualcomm mobile processors, used in 60% Android mobiles, allows an attacker to access the ciphered information stored. The ciphering keys are generated using a module called KeyMaster, that depends on Qualcomm Secure Environment Execution (QSEE). A vulnerability in QSEE allows a brute force attack without triggering the wiping mechanism implemented on Android to prevent this kind of attack.

References:

05/07/2016 infosecurity-magazine.com Full Encryption Flaw Affects Half of All Android Phones
05/07/2016 threatpost.com ENCRYPTION BYPASS VULNERABILITY IMPACTS HALF OF ANDROID DEVICES
04/07/2016 csoonline.com Android full disk encryption can be brute-forced on Qualcomm-based devices
11/07/2016 elandroidlibre.com Encuentran una vulnerabilidad del cifrado de datos en dispositivos Qualcomm
30/06/2016 http://bits-please.blogspot.com.es Extracting Qualcomm's KeyMaster Keys - Breaking Android Full Disk Encryption

Tags:

Corporate access

A flaw in Qualcomm processors allows access to ciphered information