![]() ![]() The reason for having two AES-128 keys is that if you change your Pattern / PIN / Password, it just has to re-encrypt the master key file, not the whole disk. You know how the first thing Android does during boot-up is ask for your PIN / Password? That's because it needs it to decrypt the master key so that it can decrypt and mount the main filesystem. It then takes your Pattern / PIN / Password and uses that to derive a second AES-128 key which it uses to encrypt and store the master key on disk. ![]() When your turn Android Disk Encryption on, it generates an AES-128 key which it uses to encrypt the drive (called the master key). The Android developers page on Full Disk Encryption seems like it has all the info you want, and more! It talks about encryption on the main internal disk (/data), I will assume that it uses the same mechanism for encrypting the external SD Card. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |