Becoming the Evil Maid - Hacking Android Disk Encryption for Fun and Profit

Abstract

Loosing your smartphone is painful enough, but having your data on there exposed to others can be devastating. This is why securing personal data on smartphones is of paramount importance. Android’s Full Disk Encryption (FDE) is a robust feature designed to protect user data, but what happens when your device stops working and you need to recover your encrypted data on it? Join David as he delves into the depths of Android’s Full Disk Encryption code in his quest to recover lost encryption keys.

David Gstir

David Gstir is an accomplished security researcher and software engineer with 15+ years of hands-on experience. He obtained a master’s degree in computer sciences from the University of Technology Graz, Austria where he specialized in IT security and cryptography. In his master’s thesis, he focused on analyzing attacks on AES, showcasing his expertise in this domain.

Throughout his career, David has been actively involved in security-related projects, successfully identifying vulnerabilities in various consumer and enterprise software. His extensive investigations encompass diverse areas such as password managers, Web3 solutions, embedded devices, and network security solutions.

In addition to his security expertise, David has a strong background in software engineering. He developed production-level software in a wide range of programming languages, and his contributions continue to be utilized today. He has particularly made contributions to open source software, playing a key role in introducing filesystem encryption and authentication to Linux’ UBIFS subsystem.