Lines Matching full:encryption
1 page.title=Full-Disk Encryption
28 <p>Full-disk encryption is the process of encoding all user data on an Android device using an
34 Full-disk encryption was introduced to Android in 4.4, but Android 5.0 introduced
37 <li>Created fast encryption, which only encrypts used blocks on the data partition
39 currently support fast encryption.
42 <li>Added support for patterns and encryption without a password.
43 <li>Added hardware-backed storage of the encryption key using Trusted
53 <h2 id=how_android_encryption_works>How Android full-disk encryption works</h2>
55 <p>Android full-disk encryption is based on <code>dm-crypt</code>, which is a kernel
57 this, encryption works with Embedded MultiMediaCard<strong> (</strong>eMMC) and
59 devices. Encryption is not possible with YAFFS, which talks directly to a raw
62 <p>The encryption algorithm is 128 Advanced Encryption Standard (AES) with
69 <p>In the Android 5.0 release, there are four kinds of encryption states: </p>
89 re-encryption of userdata.) Note that
93 <p>Encryption is managed by <code>init</code> and <code>vold</code>.
98 encryption features in <code>vold</code>, the system uses the command line tool
142 <li>Encrypt a new device with <code>forceencrypt</code>: Mandatory encryption
144 <li>Encrypt an existing device: User-initiated encryption (Android K and earlier).
190 often not actually appear because encryption happens so quickly. See
200 encryption type to see if <code>/data</code> is encrypted with or without a
221 <p>This process is user-initiated and is referred to as ?inplace encryption? in
224 power to finish the encryption process.</p>
230 <p>To enable inplace encryption, <code>vold</code> starts a loop to read each
234 encryption much faster on a new device that has little to no data. </p>
277 The encryption loop updates <code>vold.encrypt_progress</code> every time it
295 Starting an encrypted device with default encryption</h3>
299 password and therefore this is the <em>default encryption</em> state.</p>
311 checks the encryption type to see if <code>/data</code> is encrypted with or
341 Starting an encrypted device without default encryption</h3>
378 <code>vold</code> returns 0 if encryption was completed successfully, -1 on internal error, or
379 -2 if encryption was not completed successfully. <code>vold</code> determines
381 flag. If it's set, the encryption process was interrupted, and there is no
446 <p>If <code>vold</code> detects an error during the encryption process, and if
449 The UI prompts the user to reboot and alerts them the encryption process
456 <p>If <code>vold</code> detects an error during the encryption process, it sets
458 and returns -1. The UI should then display a message saying the encryption
473 <li>Generate random 16-byte disk encryption key (DEK) and 16-byte salt.
491 <h2 id=encryption_properties>Encryption properties</h2>
494 setting properties. Here is a list of available properties for encryption.</p>
528 <td>Set by vold to shutdown the full framework to start encryption.</td>
533 progress bar UI for encryption or
550 <td>The progress bar UI should display a message that the encryption failed, and
556 <td>The progress bar UI should display a message saying encryption
