1. Are you ready for the Galaxy S20? Here is everything we know so far!
Thread Status:
Not open for further replies.

[CDMA] "encrypted bootloader" properly defined

Discussion in 'Android Devices' started by novox77, May 24, 2011.

  1. novox77

    novox77 Leeeroy Jennnkinnns!
    Thread Starter

    Locked. Signed. Encrypted. I felt the need to redefine these terms, since until today, even I didn't have it quite right. In other posts, I pointed out the distinction between a locked (and signed) bootloader to an encrypted bootloader. That distinction still exists, but not how I originally described it. So I may have contributed to some of the ongoing confusion with bootloader terminology.

    When someone says "encrypted bootloader," they mean that the signature of the bootloader is encrypted. The actual bootloader image (HBOOT) is not encrypted. In the past, when people referred to the encrypted bootloader, they meant Motorola's bootloader on the Droid X et. al. It's important to clarify here that even this bootloader is not encrypted. It's a signed bootloader, and the signature is encrypted.

    Therefore, "encrypted bootloader" is a misleading term. No manufacturer actually encrypts the bootloader firmware itself. That's why when people claimed HTC's bootloaders were not encrypted, it was kind of a meaningless statement. Because something DID change with HTC bootloaders; they started to sign them with encryption. Which is what Moto does. Furthermore, HTC is now signing the images for /boot (kernel) and /recovery, adding more protection against customization of these areas.

    So, saying that HTC does not encrypt its bootloaders is a TRUE statement. Saying that HTC's bootloaders are locked and signed is a TRUE statement. Saying that HTC's bootloaders have always been locked is a TRUE statement.

    And yet, saying that HTC's bootloader security has never changed because of the above statements is FALSE because they placed an encryption layer on the signature.

    So... here are the terms and what they mean:

    locked bootloader: a bootloader that protects certain partitions from being modified. Flip a switch (S-ON to S-OFF), and the bootloader is unlocked. Or more appropriately, NAND protection is removed, meaning the various protected partitions on the NAND internal flash memory are now able to be mounted read/write. Like the confusing terminology of "encryped bootloader," there's nothing "locked" about the bootloader itself. The bootloader is locking up areas of the internal flash memory. That's what devs are trying to "unlock."

    signed bootloader: a bootloader signed by the manufacturer to assure it's official. A signed bootloader can be either locked or unlocked. Just because it's signed doesn't imply it's locked. The Engineering bootloader is an example of a signed but unlocked HBOOT.

    encrypted bootloader: same as a signed bootloader, but the signature is encrypted, making forgery of the signature practically impossible. One possible solution is to flash a leaked Engineering HBOOT with that same encrypted signature. There's no guarantee that this image will ever be leaked or that some other security measure isn't in place to prevent this workaround. Another solution is to find some way to hack into the phone's radio and call a command to flip the switch from S-ON to S-OFF. But there's no guarantee that such an exploit exists on all phones.

    1. Download the Forums for Android™ app!


  2. thelonewizard

    thelonewizard Android Enthusiast

    So the Nexus S is locked, the EVO 4G is signed, and the EVO 3D is encrypted? That is by far the best definition anyone has given on this site. Thanks, novox!
  3. LBPHeretic

    LBPHeretic Android Expert

    Pretty much, yes. The Sprint HTC EVO 3D is cryptographically signed, which is just a fancy way of saying that it is encrypted.

    Nice job on the terms, novox77. Well written too.

HTC EVO 3D Forum

The HTC EVO 3D release date was July 2011. Features and Specs include a 4.3" inch screen, 5MP camera, 1GB RAM, Snapdragon S3 processor, and 1730mAh battery.

July 2011
Release Date

Share This Page