That is correct, which is why a physical disk image (typically required for
criminal investigations) is impossible since the disk encryption keys are
stored on a special chip.

In terms of Android, it seems like people are frustrated. If any Googlers
are reading, I would advise keeping the default behavior of pairing the
passcodes but adding an option to allow security-conscious users to separate
the passcodes (without the need for root).
On May 21, 2013 8:18 PM, "Jeff Enderwick" <[email protected]> wrote:

> If memory serves, there is also a hardware-held device-specific key that
> is a factor in generating the disk encryption key in iOS (these days).
>
>
> On Tue, May 21, 2013 at 8:13 PM, Kristopher Micinski <
> [email protected]> wrote:
>
>> FYI this also happens on iOS: in fact this is basically how the recent
>> string of American police demands to decrypt iPhones has happened.
>> Few combinations, a little time, and you've got a decrypted device.
>>
>> Not to say this isn't an issue (it definitely is), but it's not just
>> unique to Android.
>>
>> Kris
>>
>> On Tue, May 21, 2013 at 5:47 PM, DrDenim <[email protected]>
>> wrote:
>> > Considering that a phone encrypted with a 4-6 character PIN has been
>> > cracked in a matter of seconds the current scheme is worthless against any
>> > determined attacker. Unless of course the user types in an 8+ character
>> > word just to unlock the screen, dozens of times a day. Personally I could
>> > not put up with that.
>> >
>> > This leaves Android with a pretty serious security flaw. This should be
>> > high on the list of things to get fixed!
>> >
>> >
>> > On Tuesday, May 21, 2013 5:30:54 PM UTC-4, seattleandrew wrote:
>> >>
>> >> If you haven't been following issue 29468 for Android, a couple of
>> >> people are upset that the unlock passcode is tied to the encryption
>> >> passcode. From a usability stance, this makes perfect sense: this way
>> >> users don't have to memorize two passwords, the less the better. The
>> >> issue is, once an FDE (Full Disk Encryption) Android has been unlocked
>> >> the first time, the device is decrypted until it's powered off. This
>> >> means once the device has been unlocked once, there isn't a need to
>> >> continue requiring complex passcodes since all it does is unlock the
>> >> device.
>> >>
>> >> With the current schema, I argue it actually impacts security and
>> >> usability since users will either choose a complex passcode (for more
>> >> entropy in FDE) and suffer every time the device re-locks or a user
>> >> will choose a simpler passcode (PIN or 6 char) in order to make the
>> >> unlock process easier (but now FDE has less entropy).
>> >>
>> >> With the addition of multiple users in Android, I argue it wouldn't be
>> >> too difficult to separate the FDE passcode from the user's unlock
>> >> passcode (even on single user devices).
>> >>
>> >> What does the rest of Android Security think? Do you guys think
>> >> separating FDE and the unlock passcode would be beneficial?
>> >
>> > --
>> > You received this message because you are subscribed to the Google
>> Groups
>> > "Android Security Discussions" group.
>> > To unsubscribe from this group and stop receiving emails from it, send
>> an
>> > email to [email protected].
>> > To post to this group, send email to
>> > [email protected].
>> > Visit this group at
>> > http://groups.google.com/group/android-security-discuss?hl=en.
>> > For more options, visit https://groups.google.com/groups/opt_out.
>> >
>> >
>>