Android
kirbak, 2013-11-12 12:26:04

How good is Android 4.3 encryption?

I'm used to using software like TrueCrypt on computers, but encryption on Android is new to me. If anyone has studied this issue, please share your experience.

6 answer(s)
rozhik, 2013-11-12
@kirbak

The keys for decryption are stored in ordinary flash memory, which CPU isolation does not allow access to. As far as I know, real Android hardware does not use encryption coprocessors. So, on finding an exploit that breaks out of isolation, one can simply read the keys.
It is better to answer for yourself what level of cryptographic protection you need. The same TrueCrypt, although it is good, does not provide 100% protection. The easiest way to “break” it is with keyloggers, cameras, proxy agents. Everything comes down to money.
If the data is so interesting that gigantic money can be spent on it, then it will be broken, even if only by exhaustive search. If no one needs it, then anything will become an impenetrable defense ;)

Terranz, 2013-11-12
@Terranz

Encryption of what?

moonsly, 2013-11-12
@moonsly

What kind of encryption are you talking about? Read the latest Android user agreement: all your data about calls, SMS, the Wi-Fi networks around you and God knows what else is transferred to Google servers. Of course, all this is “only for your safety”, but it can obviously also be used by AdSense and other rubbish for more precise targeting. About a year ago, there was an article about the new Android agreement and its "protection" of privacy. Silent transfer of geo-data is possible (remember the Google database of MAC addresses of Wi-Fi access points), as is remote control of a smartphone through Google services (officially only by the owner of the account, of course; unofficially, who knows). In such conditions, no encryption will help much.
If you want privacy, it’s better not to use Android, or to look for ways to bypass / disable the logging described in the user agreement.

rozhik, 2013-11-12
@rozhik

If you meant:
1. Disk encryption: that is twofold. With physical access to the device, it is not difficult to get the keys, and then the data.
2. File encryption, etc. using applications: it depends on the applications.
3. Encryption algorithms: they are the same as elsewhere.
4. If you mean all sorts of reading keys from memory and similar dangers, then it is just like in any other Linux.
In general, leaving aside the UI, hardware support and Dalvik, Android is just another Linux.

Gendalph, 2013-11-15
@Gendalph

As far as I understand, the encryption used is the same as in AOSP, which means that everything written here is true: http://security.stackexchange.com/questions/30946/android-cyanogenmod-encryption-vs-gnu-linux
In a nutshell: usually it is enough to put a password on the lockscreen and wipe the screen more often. You can, of course, encrypt the phone, but there is not much sense in this.
Specifically about encryption:
Android implements the device encryption in a Vold (Volume Daemon) module called cryptfs that makes the calls to the kernel which actually encrypt the device. When a user encrypts the device, Vold reboots the device and begins encrypting the data partition. During the encryption process Vold disables everything that is not a core service on the device. Android requires that the user create a passcode if they have not already set one at the beginning of the encryption process, which is one of the criticisms of the implementation since the decryption process is tied to the user's screen unlock passcode, which isn't super complex. Once the device is encrypted, according to the documentation at the AOSP page, the encrypted master key is stored in the footer of the data partition. As far as I know, Android's implementation only encrypts the data partition, which would be user and app data. Once the device is encrypted the user will have to enter their passcode whenever the phone is locked before they can access their data. The kernel mounts a tmpfs/data that reads from the actually encrypted block devices. Your screen unlock passcode is hashed and used to decrypt the master key.
Once the device is encrypted the only way to undo it is to wipe data. I don't think that the default implementation you get in the AOSP source encrypts the SD card, since not all Android devices have a removable SD card, like the Galaxy Nexus, but I guess device manufacturers could add support in for that. The AOSP documentation on the FDE implementation is available here: Android Notes on Encryption Implementation. It's pretty thorough compared to some of the other AOSP docs. You might be interested to check out this blog post, "Cold-boot encryption key recovery on an Android phone", that has some information on attempting key recovery with CyanogenMod7.
His conclusions were:
But he was running CyanogenMod7 so I don't know if that is generally applicable to stock roms on devices or roms built straight from AOSP, but maybe there is some more information and research out there about the potential for key recovery.
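
The key hierarchy described in the quoted answer above (the unlock passcode is hashed into a key that decrypts a master key kept in the partition footer), as an added example that is not part of the original post or of AOSP code. The KDF parameters, the HMAC-based keystream standing in for the real cipher, and all function names are assumptions for illustration.

```python
import hashlib
import hmac
import os

# Illustrative parameters, assumed for this sketch (not taken from the page).
KDF_ITERATIONS = 2000
SALT_LEN = 16
KEY_LEN = 16

def derive_kek(passcode: str, salt: bytes) -> bytes:
    """Stretch the screen-unlock passcode into a key-encryption key (KEK)."""
    return hashlib.pbkdf2_hmac("sha1", passcode.encode(), salt,
                               KDF_ITERATIONS, KEY_LEN)

def _xor_stream(kek: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with an HMAC-SHA256 counter-mode keystream."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(kek, counter.to_bytes(4, "big"),
                           hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(master_key: bytes, passcode: str) -> dict:
    """Build the footer record: a fresh salt plus the encrypted master key."""
    salt = os.urandom(SALT_LEN)
    return {"salt": salt,
            "wrapped_key": _xor_stream(derive_kek(passcode, salt), master_key)}

def unwrap(footer: dict, passcode: str) -> bytes:
    """Recover a key from the footer. There is no integrity check in this
    sketch, so a wrong passcode returns a different key, not an error."""
    return _xor_stream(derive_kek(passcode, footer["salt"]),
                       footer["wrapped_key"])

def change_passcode(footer: dict, old: str, new: str) -> dict:
    """Re-wrap the same master key; the encrypted partition is untouched."""
    return wrap(unwrap(footer, old), new)

if __name__ == "__main__":
    master_key = os.urandom(KEY_LEN)          # constructed sample key
    footer = wrap(master_key, "1234")         # constructed sample passcode
    print("correct passcode:", unwrap(footer, "1234") == master_key)
    print("wrong passcode:  ", unwrap(footer, "0000") == master_key)
    footer = change_passcode(footer, "1234", "correct horse battery")
    print("after change:    ", unwrap(footer, "correct horse battery") == master_key)
```

The passcode is the only secret input, so the protection of a copied footer is bounded by the size of the passcode space multiplied by the KDF cost, which is the criticism the quoted answer raises.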

sdeman, 2014-03-13
@sdeman

WhisperCore is the first free hard drive encryption app for Android devices.
