my request is different from “use sdcard as internal device” which will encrypt the sdcard and make it usable only on the phone
in past I used on rooted phone EDS that allow to mount veracrypt storage files, it is working perfectly and fits my needs perfectly… but require root access…
I love the fact that I can let a small text file “contact me” with some information to contact me if I loose the card and encrypt everything else…
so my question : what is supported for encryption on android? LUKS? encryptfs?
is it possible to export the keys in case of adoptable storage? so that I can still read the content of the sdcard? any other idea?
it’s not on its way out in AOSP, but /e/ does for some devices modify the fstab to make the sdcard not adoptable because users repeatedly lost the adoptable state of the sdcard after upgrades or because of hardware fault.
Sadly, non-adopted sdcards aren’t encrypted, so ROMs could benefit from being able to talk LUKS. But I’m not sure there is capacity for such at /e/, it will rather come from somewhere upstream or an adjacent project
Because I am very interested in this, and I am used to only use luks drives on linux, maybe I can assist to integrate LUKS to the rom? So everybody would be able to have a file/partition on ext. sdcard and be able to rol some luks encrypted content there!? Where and whom to ask for assisting them?
see the initial answer link for something working via adb (no app UI). guardianproject (fdroid people) made a luks module for android a decade ago. They abandoned the luks approach in favor of IOCipher. You can find a module based on their original LUKS work at https://github.com/aelmahmoudy/cryptsetup-android, try to build this into your rom if you want to develop. Not luks, but people did various ‘userland encrypted containers’ tools, DroidFS in this answer and others.
and encrypt everything else…