Post-graduate theses
Identifier |
000457358 |
Title |
Encryption workarounds for Android |
Alternative Title |
Παράκαμψη κρυπτογράφησης για Android |
Author
|
Μπάσα, Σκέρντι Μ.
|
Thesis advisor
|
Μαρκάτος, Ευάγγελος
|
Reviewer
|
Μαγκούτης, Κωνσταντίνος
Τζίτζικας, Ιωάννης
Μανιφάβας, Χάρης
|
Abstract |
Encryption on Android involves the process of encoding user data both on
the device and during transit using either symmetric or asymmetric encryption
keys. When a device is encrypted, all data created by the user is automatically
encrypted before being stored on the disk, and decryption occurs automatically
when the data is accessed by an authorized process. The purpose of encryption is
to ensure that unauthorized parties cannot read the data even if they gain access
to it.
Android offers two methods of device encryption: file-based encryption and full-disk
encryption. File-based encryption, introduced in Android 7.0, allows different
files to be encrypted with different keys that can be unlocked independently. On
the other hand, full-disk encryption has been supported since Android 4.4, but as
of Android 10, it is being phased out in favor of file-based encryption.
Over the years, more and more encryption-enabled Android devices and applications
have been used by criminals to carry out illegal activities or to cover their
traces, making it difficult for forensic investigations to search for digital evidence.
As such, encryption has become an increasing concern for LEAs and a wide range
of encryption bypassing tools are being used to perform investigations on evidence
found in crime scenes.
According to some studies, encryption bypassing falls into six categories:
find a copy of the key, guess the key, compel the key from someone who
knows it, exploit a flaw, access plaintext when the device is in use, locate a plaintext
copy of the encrypted artifact.
In this thesis we introduce a tool with Android encryption bypassing capabilities
offering logical extraction analysis and decryption of multiple widely used
Android applications such as Signal, Wickr and WeChat. Our tool also offers password
brute-forcing capabilities and enables the orchestration of phishing attacks
aimed at the lockscreen. Furthermore, we document the capabilities and shortcomings
of each of the techniques implemented in the tool, while also listing the
improvements developers could use to fortify their applications and the habits users
should follow to protect their data stored in Android devices and applications.
From the experience we gained while implementing the tool, we conclude that
while using encryption does not ensure the invincibility of the system, our techniques
are also not always effective. Their success often depends on conditions
related to the inner encryption implementation of the system and actions that
were performed by the user prior to the acquisition of the evidence.
|
Language |
English |
Subject |
Mobile |
|
Κινητά |
Issue date |
2023-07-21 |
Collection
|
School/Department--School of Sciences and Engineering--Department of Computer Science--Post-graduate theses
|
|
Type of Work--Post-graduate theses
|
Permanent Link |
https://elocus.lib.uoc.gr//dlib/c/8/6/metadata-dlib-1689670330-477211-23857.tkl
|