My lamenting will be about the overall way in which device encryption is implemented in Android. This is mostly a collection of links where you can find out more about how it ~~worked across the recent versions~~ all went south. This article strictly expresses my own, badly informed opinion and you should check all the provided references carefully before forming your own. ### In the Beginning Android gave us full disk encryption starting with *Android 3*, and [here is a good and basic explanation of how it works](https://nelenkov.blogspot.de/2012/08/changing-androids-disk-encryption.html). I do not know much more about those times, one might think they were better times. However, even in this era we had one problem: **Problem 1.** By default, the disk key is only as strong as the screen key, because the former is derived from the latter. This can be solved by using two passwords, as outlined in the above article. ### Android 4 to 6 The subsequent three versions worked on the same principle, but [master keys were now stored in shady hardware components](https://nelenkov.blogspot.de/2014/10/revisiting-android-disk-encryption.html) to store the disk encryption key in an *"unextractable"* way, which immediately raised some eyebrows on my part. I am not surprised that [eventually, those keys were not so unextractable any more](http://bits-please.blogspot.de/2016/06/extracting-qualcomms-keymaster-keys.html). So now, on top of the first problem, we have **Problem 2.** Encryption keys are stored in shady hardware components for no reason that is apparent to me. I am of the opinion that Problem 2 ist not as severe as Problem 1. The severity of both problems depends on the resources of the attacker, and I believe that it requires less resources to exploit Problem 1 than to exploit Problem 2. This is why I begrudgingly accepted Problem 2 and [solved Problem 1](/2015/11/09/protect-your-android-and-still-enjoy-it/). Also, solving Problem 2 will be quite tough, essentially I'd have to write my own ROM. Time, does not, permit. ### Android 7 Android 7 abandonned full disk encryption and [introduced file level encryption](https://source.android.com/security/encryption/file-based). [Renowned experts think that this is a move into the right direction](https://blog.cryptographyengineering.com/2016/11/24/android-n-encryption/) ((while also pointing out some new problems)), the main point being that full disk encryption requires the key to be buffered in RAM permanently and that's a whole different problem on its own that I did not mention. For reasons of usability, [everybody else cannot wait to get in line](https://www.howtogeek.com/269422/how-to-enable-android-nougats-direct-boot-for-less-annoying-encryption/) with this. Frankly, I have no problem with file level encryption, but I am sad that none of the two other problems were solved. Everything about key derivation and storage is still the same. Instead, it creates a third problem, which has been [outlined rather well by this chap](https://android.stackexchange.com/q/179273) ((please upvote his question just to show some support)): **Problem 3.** App developers now have the option to store your data in an essentially unencrypted way and are even endorsed to do so because they get access to it at boot time. None of this is visible to the user, the phone is simply *"encrypted"*, whatever the hell that means these days. ### Plz halp Where I see a burning shipwreck, [the internet sees an unconquerable fortress with a cozy fireplace inside](https://www.androidcentral.com/how-android-n-addresses-security). So hey, maybe it's all fine? Please educate me if I missed something. Also, if you know how, tell me how to fix this.
One Reply to “Encryption on Android gets worse in every Version”