
I have a follow-up to the question posted here. I recently got a 2.3 DroidX phone and noticed that it also has a data encryption option. I pulled the SD card from the device and noticed that the folder structure is intact. I tried reading a file from the SD card that was produced by a photo application, and it was unreadable; however, the file itself contained some data which was not random, which to me indicated that not the whole file was AES'ed. I was also able to put an unencrypted file on the SD card, which was readable afterwards.

So, the question is: does anyone know what encryption methodology is being used here, what algorithms are in place, and how strong they are against an experienced attacker?

EDIT: My friend got a Droid2, which also runs Gingerbread 2.3.3, and it has the data encryption feature too. So... is data encryption an Android feature or specific to Motorola devices?

galets

1 Answer


Apparently, DroidX uses ecryptfs.

The following are the mount options on /data/data:

rw,nosuid,nodev,noatime,nodiratime,ecryptfs_sig=****************,
    ecryptfs_cipher=aes,ecryptfs_key_bytes=32,ecryptfs_passthrough

I would imagine this means that the encryption key here is 32 bytes, which is 256 bits, which seems pretty good to me.

galets
  • Good find! Any pointers to the Motorola DroidX source code that shows the ecryptfs bits, specifically? I'm an eCryptfs upstream developer looking for it. – Dustin Kirkland Mar 01 '12 at 17:05
  • As a followup to my last comment, I broke it out to its own question here: http://android.stackexchange.com/questions/20105/motorola-droidx-ecryptfs-related-sources – Dustin Kirkland Mar 01 '12 at 17:34
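
The mount options quoted in the answer can be read mechanically. The following Python audit is an added example, not code from the original post, Motorola or the eCryptfs project: it reports the cipher and key size and flags `ecryptfs_passthrough` (non-eCryptfs files are read and written as plaintext) and a missing `ecryptfs_fnek_sig` (names are not encrypted). The names `parse_options`, `audit_ecryptfs` and `SAMPLE` are hypothetical, and the sample is the answer's option string with its masked signature left as posted.

```python
def parse_options(opts):
    """Split a comma-separated mount option string into a dict."""
    parsed = {}
    for item in opts.split(","):
        item = item.strip()          # tolerates the line wrap in the quoted options
        if not item:
            continue
        key, _, value = item.partition("=")
        parsed[key] = value if value else True   # bare flags map to True
    return parsed


def audit_ecryptfs(opts):
    """Return (summary, findings) for one eCryptfs mount's option string."""
    o = parse_options(opts)
    key_bytes = o.get("ecryptfs_key_bytes")
    has_size = isinstance(key_bytes, str) and key_bytes.isdigit()
    summary = {
        "cipher": o.get("ecryptfs_cipher"),
        "key_bits": int(key_bytes) * 8 if has_size else None,
        "passthrough": "ecryptfs_passthrough" in o,
        "filename_encryption": "ecryptfs_fnek_sig" in o,
    }
    findings = []
    if summary["passthrough"]:
        findings.append("ecryptfs_passthrough: files not in eCryptfs format "
                        "are read and written as plaintext")
    if not summary["filename_encryption"]:
        findings.append("no ecryptfs_fnek_sig: file and directory names "
                        "are stored unencrypted")
    return summary, findings


# Sample input: the options from the answer, signature masked as posted there.
SAMPLE = ("rw,nosuid,nodev,noatime,nodiratime,ecryptfs_sig=****************,\n"
          "    ecryptfs_cipher=aes,ecryptfs_key_bytes=32,ecryptfs_passthrough")

if __name__ == "__main__":
    summary, findings = audit_ecryptfs(SAMPLE)
    print(summary)
    for finding in findings:
        print("-", finding)
```

These options are from the /data/data mount; whether the SD card mount uses the same ones is an assumption to check against that mount's own entry.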