0

I installed Android Terminal Emulator on one of My Android Device (4.4 with kernel v3.10.28) to execute some linux commands and after a while found file called unlock_key. I executed cat command to see it's contents.

enter image description here

I have a few questions in mind :

  1. What is the purpose of this unlock_key ? Is it for unlocking the device ?

  2. What encryption scheme or algorithm is being used to generate this public key ?

  3. How can I decrypt this to get plain text ? Is that possible ?

  4. Is there a way to get private key corresponding to this public key ?

C0deDaedalus
  • 728
  • 1
  • 8
  • 17
  • 1
    #1 where on the system was it? #2 cannot tell, #3 no, #4 really no – schroeder Jan 31 '18 at 10:05
  • Public keys are meant to be public. Which means they are designed to be secure no matter who gets their hands on them (even governments with billions of dollars worth of gear). – schroeder Jan 31 '18 at 10:06
  • About #2 : The key is around 400 base64 characters, which makes it ca. 2400 bits long, too large for ECC, but a reasonable size for RSA or ElGamal. Android, out of the box, supports RSA, but no other public key algorithm (including ElGamal) via its public API. It is thus highly likely that this just happens to be the algorithm the kernel uses itself. – Damon Jan 31 '18 at 10:56
  • And given the other options I'm guessing this is in root (/) of the filesystem? Which is odd, as android doesn't usually store any such file there. – ewanm89 Jan 31 '18 at 11:05

2 Answers2

5

What is the purpose of this unlock_key ? Is it for unlocking the device ?

No idea.

What encryption scheme or algorithm is being used to generate this public key ?

The public key is not encrypted. But it is probably a 2048 bit RSA public key.

How can I decrypt this to get plain text ? Is that possible ?

Since it is not encrypted you cannot decrypt it.

Is there a way to get private key corresponding to this public key ?

Practically impossible.

Steffen Ullrich
  • 184,332
  • 29
  • 363
  • 424
0

This is a RSA public key in PEM format.

A public key is accompanied by a private key. Anything encrypted with the private key can be decrypted with the public key and vice versa. Since you only have the public key (which is supposed to be public), I don't think you can do anything with this.

You can decode the PEM format, but this will only give you the public key in another form.

Sjoerd
  • 28,707
  • 12
  • 74
  • 102