Tuesday, January 13, 2015

[rvspahun] Lollipop full disk encryption

Two adventures:

Took the Android 5.0.2 upgrade to 2012 Nexus 7 tablet, which was running the latest Android 4 and had full disk encryption enabled.  After the upgrade, it gave me a message on boot that the disk was encrypted but corrupt so required a factory reset, wiping all data on the tablet.  Moral of the story: backup everything you care about before upgrading Android.

Lollipop offers the ability to encrypt the device but does not require setting a PIN or password.  I am mystified as to how this could work.  Of course, it must be useless if an adversary can access the device and power it on.  One can later set a lock screen PIN, and choose an option (an option one can decline!) to require the PIN to decrypt the disk on boot.

If there is no PIN, the disk encryption key must be stored in plaintext somewhere on the device.  After setting the PIN, there remains the very difficult problem of securely deleting that plaintext key, made difficult by the peculiarities of Flash based physical storage.

No comments :