Frosty attack on Android encryption
Two researchers at the University of Erlangen in Germany have demonstrated a way of accessing an encrypted Android smartphone using a freezer. To access the cryptographic key stored in the phone's memory, they placed the phone in the freezer compartment for an hour, with the result that the memory content remained – almost literally – frozen. They used a special tool to read the cryptographic key from the phone's memory (cold boot attack).
By cooling the device to below 10 degrees, the volatile memory can be made to retain data for a short period of time without power. Tilo Müller and Michael Spreitzenbarth exploit this to disconnect the battery for a moment, resulting in a reboot.
Source: Tilo Müller and Michael Spreitzenbarth They then use a key combination to invoke the bootloader, allowing them to flash and run their own recovery image, dubbed "Frost". For this to work, however, the bootloader needs to be already unlocked, as any unlocking would wipe user data. Frost then searches the memory for, among other things, the cryptographic key for decrypting user data stored in the (non-volatile) storage.
Since version 4.0, Android has offered the ability to encrypt personal data (if the user activates the appropriate checkbox in the settings).
Source: Tilo Müller and Michael Spreitzenbarth In addition to the cryptographic key, Frost was also able to extract many other items of personal data from the frozen smartphone's memory, including plain text Wi-Fi access data, WhatsApp chat history, the address book, and photos taken on the phone.