I have read the thread regarding encryption, where Android is apparently moving from FDE to file-based encryption, and I am wondering how /e/ is using encryption. For example, on my phone I can see “Encrypted”, but it is not FDE, as the phone boots fast without asking for a password during boot. Is there a way to prove that the file-based encryption is working fine? From TWRP? Thanks
Try adding or deleting a file in /data with TWRP. If it is encrypted, you can’t do it.
It means you didn’t activate the option when it prompted.
Try to deactivate the password, then set the password again, and it should ask you if you want to enter your password at boot.
Excuse me, I meant a passphrase, not the password.
Actually, that’s technically the same thing.
Perhaps I am not clear in my explanations. On my old Replicant I had to enter a passphrase at the very beginning of the boot process, and then when the system was ready I had to enter my 4-digit “password” (code).
In /e/ it boots very fast and I only need to enter my 8-digit “password” (my code) to get in, so it is definitely not doing full disk encryption. Another thing that makes me think it is not doing FDE is that TWRP is accessible without entering a passphrase.
So, regarding what you said about the password, does that mean that the 8-digit password entered when restarting or booting the phone is actually decrypting files? (Like the Windows password which decrypts a BitLocker-encrypted drive? Excuse the reference, I am not using Windows but Linux, but it is the closest I can think of.)
I’m not an encryption specialist. I have encrypted my Linux and my server but never my phone.
As far as I know, Android isn’t doing FDE; only /data is encrypted. That’s why I have written in my first answer
So, if you do this test, you will know if your data is encrypted.
OK, I understand. The password/PIN code during the boot process and on the lock screen is the same thing and can’t be different.
You can encrypt a phone without setting any protection (password or PIN). Furthermore, when the phone is encrypted and you change the password to another one, the phone doesn’t need to re-encrypt everything. So yes, your password is just here to unlock something that contains the real key and isn’t part of the decryption key.
So, I made a test, and when I tried to boot into TWRP I had to enter the password (the one I am using to unlock my phone). So it seems that the new way Android is doing encryption is different compared to what I knew. It seems to be very similar to how BitLocker and the Windows login prompt work. I am wondering how /e/ is passing the password during a system upgrade, because TWRP is not asking to enter a password.
It’s not passing the password.
When you boot into TWRP, then TWRP asks you for a password to be able to decrypt the /data partition.
During a system upgrade this partition is not changed, so there’s no need to ask you for a password in this case.
Makes sense now, thanks! And just to finish on encryption, I suppose all the documents/photos/movies… are under /data? What about messages (from QKSMS)?
It’s all under /data.
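The point made in the reply above, that the password only unlocks something holding the real key so a password change needs no re-encryption, sketched as an added example that is not part of the thread and not Android's or /e/'s actual implementation. All function names, the PBKDF2 parameters and the SHAKE-256 stand-in cipher are assumptions chosen so the model runs with the Python standard library alone.

```python
import hashlib, hmac, os

def _keys(password: str, salt: bytes):
    # Stretch the lock-screen credential into an encryption key and a MAC key.
    k = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=64)
    return k[:32], k[32:]

def _stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in stream cipher (assumption): SHAKE-256 keystream XOR, not AES.
    stream = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(password: str, dek: bytes) -> dict:
    # Store the data key encrypted under a key derived from the credential.
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = _keys(password, salt)
    blob = _stream_xor(enc_key, nonce, dek)
    tag = hmac.new(mac_key, nonce + blob, hashlib.sha256).digest()
    return {"salt": salt, "nonce": nonce, "blob": blob, "tag": tag}

def unwrap(password: str, w: dict) -> bytes:
    # Recompute the tag first so a wrong credential is rejected, not decrypted.
    enc_key, mac_key = _keys(password, w["salt"])
    tag = hmac.new(mac_key, w["nonce"] + w["blob"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, w["tag"]):
        raise ValueError("wrong credential")
    return _stream_xor(enc_key, w["nonce"], w["blob"])

def change_password(old: str, new: str, w: dict) -> dict:
    # Only the small wrapped-key blob is rewritten; file data is untouched.
    return wrap(new, unwrap(old, w))

def demo():
    # Constructed sample: one "file" encrypted under a random data key.
    dek, file_nonce = os.urandom(32), os.urandom(16)
    stored = _stream_xor(dek, file_nonce, b"constructed sample file")
    wrapped = change_password("12345678", "87654321", wrap("12345678", dek))
    # The stored ciphertext was never rewritten, yet the new code opens it.
    recovered = _stream_xor(unwrap("87654321", wrapped), file_nonce, stored)
    try:
        unwrap("12345678", wrapped)
        old_still_works = True
    except ValueError:
        old_still_works = False
    return recovered, old_still_works

if __name__ == "__main__":
    print(demo())
```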