Hi all, I have a friend who had an Android 4.0+ phone with the integrated encryption enabled. Now, the phone is no longer able to perform the decryption. He has the SD card and he knows the screen-lock password that was used for the encrypted phone.

Question #1) Apparently there is key-stretching used to transform the user's screen-lock password into an encryption key. What is the pseudo-random function used in the Android PBKDF2 routine?

Question #2) How many iterations are used in the PBKDF2 routine? I have some indication that 2000 rounds are used.

Question #3) The master key used for the encryption of the removable SD card --- where is that stored? (It seems to be stored "in the last 16kb" ... is the SD card master key stored in the last 16kb of the SD card itself, or was it on the phone's internal memory?) Google source notes say, "The crypto footer is kept in the last 16 Kbytes of the partition", but I wanted to confirm with you guys that this means the SD card has its own footer.

If you are familiar with this part of the Linux/Android source code, or have any weblinks you can point me to, I would be extremely grateful!!

Thanks, all!
