Difference between Fast Encryption and Full Device Encryption

[shagfoot]

Hi everybody!

Got a question regarding Fast Encryption. The description that Android gives for FE is this:

"Fast encryption: If you select this option, only used memory space will be encrypted."

The question I have is as data gets added to the device it gets encrypted as well or does it stay in the clear? I can't seem to get a definitive answer.
I emailed Android support but they have not responded back in a while.

Thanks!

 

[7Priest7]

Researchers bypass Android encryption by exposing phones to freezing temperatures
Don't bother,
Current Android hardware is still vulnerable to cold boot ram forensics,
The encryption will be pointless until Android's RAM inherits the properties of DDR3(which is not nearly as vulnerable to cold boot, DDR3 has a few second window to be frozen)

I would never store my private data on anything less than Serpent-Twofish-AES with Whirlpool Hash, a keyfile, and a password no less than 30 characters long.
Without all that you might as well not encrypt at all, like the old saying goes "do it right or not at all"

EDIT: Unless you have your phone off when it gets stolen, If the thief wants your data they can use cold boot forensics. More than likely though they will just format your memory, resell the phone and use the sd card for something else.

To Your question though, With Flash memory you might as well do full drive encryption.
The Read/Write speed on Flash Memory is too fast to worry about.

Also, If you have deleted non-encrypted private data recently the Fast Encryption will leave that data vulnerable to recovery.

 

[shagfoot]

Well you are correct in what you said, however this is for a client and we need to know the exact limitations and mechanics of Fast Encryption. If it was up to me I wouldn't store sensative data on my mobile either!

 

[7Priest7]

Well you are correct in what you said, however this is for a client and we need to know the exact limitations and mechanics of Fast Encryption. If it was up to me I wouldn't store sensative data on my mobile either!

To Your question though, With Flash memory you might as well do full drive encryption.
The Read/Write speed on Flash Memory is too fast to worry about.

Also, If you have deleted non-encrypted private data recently the Fast Encryption will leave that data vulnerable to recovery.

My Folio 13 has a SSD and It has full drive encryption.
It encrypted fast and it reads/writes very fast.
The Burden on the cpu may cause decreased battery life for your client
depending on how much he/she reads/writes.

 

[shagfoot]

Thanks for the additional information. The impression I'm getting here is that any new data that I add to the device after using Fast Encryption will NOT be encrypted. Would you agree with that statement?

Researchers bypass Android encryption by exposing phones to freezing temperatures

To Your question though, With Flash memory you might as well do full drive encryption.
The Read/Write speed on Flash Memory is too fast to worry about.

Also, If you have deleted non-encrypted private data recently the Fast Encryption will leave that data vulnerable to recovery.

 

[7Priest7]

Thanks for the additional information. The impression I'm getting here is that any new data that I add to the device after using Fast Encryption will NOT be encrypted. Would you agree with that statement?

Full disk encryption is more secure.

However from what I understand Fast encryption will encrypt evreything you write, however it will not prevent recovery of any files that were deleted before the encryption.

 

[Joelgp83]

The way they use the term "memory space" makes me wonder if they are refering to only encrypting the RAM at runtime, not the NAND flash storage space on the phone.

 

[sprockkets]

Researchers bypass Android encryption by exposing phones to freezing temperatures
Don't bother,
Current Android hardware is still vulnerable to cold boot ram forensics,
The encryption will be pointless until Android's RAM inherits the properties of DDR3(which is not nearly as vulnerable to cold boot, DDR3 has a few second window to be frozen)

I would never store my private data on anything less than Serpent-Twofish-AES with Whirlpool Hash, a keyfile, and a password no less than 30 characters long.
Without all that you might as well not encrypt at all, like the old saying goes "do it right or not at all"

EDIT: Unless you have your phone off when it gets stolen, If the thief wants your data they can use cold boot forensics. More than likely though they will just format your memory, resell the phone and use the sd card for something else.

To Your question though, With Flash memory you might as well do full drive encryption.
The Read/Write speed on Flash Memory is too fast to worry about.

Also, If you have deleted non-encrypted private data recently the Fast Encryption will leave that data vulnerable to recovery.

Found this thread and decided to reply.

This attack only worked because the researcher could unlock the bootloader and install a custom firmware. This also won't work anymore because newer phones will secure erase and do this before it unlocks the bootloader. Also, as of version 6.0, using TEE to store a unique key is required.

Unlocking the bootloader is not an option on most phones, and even if you can, are by default set to not allow an "OEM unlock" by default unless enabled in the dev options.