We help IT Professionals succeed at work.

decrypt Encrypted Samsung media

Hi,
A client was having a Samsung S8 mobile phone, and he used SD encryption to encrypt the photos and media he has. Accidentally the phone was broken and is no longer working, so he bought a Samsung S9 mobile. When he put the SD card, the media are encrypted. The old phone (S8) is not working so we can decrypt the SD on the phone.

Any ideas on how to decrypt the SD card to work in S9?
attached one of the photos that are encrypted.
20171222_161738.jpg
Comment
Watch Question

David Johnson, CDSimple Geek from the '70s
Distinguished Expert 2019

Commented:

unless he can get the previous phone fixed so unless he has a copy stored somewhere i.e. google drive then these files are useless.  The encryption is designed to thwart another user/machine from decrypting the files 

Distinguished Expert 2019

Commented:
David pointed out the majority.
Usually, to enable decryption of a removable the client would have had to have exported the encryption key if the option is available.
In that case, the encryption would need to be imported on the new phone and only at that point would the data on the sd become accessible with the pin.
Sam Simon NasserIT Support Professional

Author

Commented:
thanks David and Arnold.
Can we, in any mean, if we communicate with the company, can have a decrypt tool from Samsung? is this possible?
Iamthecreator OMIT/EE Solution Guide

Commented:


Can we, in any mean, if we communicate with the company, can have a decrypt tool from Samsung? is this possible? No



It is important to remember to decrypt your microSD card before a Factory Data Reset, or if you are switching to a new phone. The data on your SD card will not be able to be read or decrypted after a reset or in another device. The only option to use the microSD card again is to wipe it completely.




https://www.samsung.com/au/support/mobile-devices/how-to-encrypt-decrypt-sd-card/

nociSoftware Engineer
Distinguished Expert 2019

Commented:

The tool you will need is luks tools for using encrypted disk on linux. The device keys ARE stored on the SD in a vault locked by a passphrase. What you need is the passphrase to unlock the keys.  That passphrase is on the original phone somewhere... the passphrase can of itself be a random binary string as well for automated use such as in a phone the passphrase is in general a random generated string. 


Encryption most probably is AES so without a key you need to guess a random 128 or 192 or 256 bit key. Which probably will take a while.  You can make (and probably should) take an image from the SD card. Can be done on any linux system using dd.



Sam Simon NasserIT Support Professional

Author

Commented:
unfortunately is the old phone is not working, it felt while the client is working out on the treadmill and looks just like this!!!!
pasted-image-02.png
I will let him know. I know that encryptions are hard to break down, but I thought Samsung might have a tool or something like this.

Thanks a lot.
nociSoftware Engineer
Distinguished Expert 2019

Commented:

You may need to consult a data recovery company to retrieve the keys from the base system on the original phone.

The screen may be broken, the board may very well still function, in that case a (temporary) replacement screen might help salvage the data. 

Distinguished Expert 2019

Commented:
A tool from samsung that would circumvent the encryption would mean that the data is not as secure.
One option is to connect the old phone to a computer if it will show up as a storage device without a need to authorize on the phone. If so. You could try looking for the encryption  key.

Use a blank sd on the new phone. Encrypt it.
Then check for the location of the key on the new in an effort to narrow your search on the old.
Also check whether it has an option to export he key for safe storage to regain access should the phone fail.
nociSoftware Engineer
Distinguished Expert 2019

Commented:
IT Support Professional
Commented:

no way to decrypt.