1

I wonder if the chat contents are encrypted in local storage on mobile devices (iOS, Android).

I hardly found any reliable information about this topic.

My thought is about somebody stealing my device and plugging its hard drive into an external device.

This is not about how to decrypt the storage. It's just about if it's encrypted at all.

What I found so far:

Abid
  • This day and age you should encrypt the whole storage instead of focusing on how individual applications have implemented encryption-at-rest. – Esa Jokinen Feb 16 '21 at 10:18

2 Answers

3

I have an Android device and I don't use Telegram. I cannot confirm about Telegram and iOS.

Signal encrypts its internal message database with AES-256 in CBC mode using SQLCipher. The encryption key and IV for the database file are stored in `org.thoughtcrime.securesms_preferences.xml` as `pref_database_encrypted_secret`, which is itself encrypted by an AES-128-GCM key stored in the Trusted Execution Environment (TEE). The iPhone has the Secure Enclave Processor (SEP). The process can be slightly different on iOS, but the intuition of what Signal does to protect data at rest is the same.

I've seen no encrypted internal message database in WhatsApp. WhatsApp encrypts local and Google Drive chat backups though, but those are meant for migrating chats. A chat backup is actually an encrypted snapshot of the internal message database taken at 2 am every day. It is stored in user-accessible storage, and the same snapshot file (`msgstore.db.crypt12`) is then uploaded to Google Drive as well. See, How can WhatsApp restore local or Google Drive Backups?

Both Android and iOS encrypt user and app data by default, and Data Encryption Keys are bound to the screen lock code and the TEE. Even if you know the screen lock code, you still won't be able to decrypt data by taking the UFS flash storage out of the device. The TEE participates in key derivation to derive a Key Encryption Key that decrypts the data encryption keys, and it refuses participation unless the user is authenticated. So swapping the TEE with that of another identical device won't work either.

When Signal is uninstalled, the corresponding key is also cleared from TEE making data recovery impossible for spyware agencies even if data encryption keys are compromised. As WhatsApp doesn't encrypt its internal database, it can be recovered even if it's deleted but data encryption keys have to be extracted first from memory and this is what spyware agencies like Cellebrite and GrayShift are doing.

They extract data encryption keys from memory physically or by zero days and then they use them to decrypt the message database. If the device has already been unlocked once since the last reboot, keys remain in memory so that apps can remain functional at the lock screen even if the screen is relocked again. Signal is also affected because of this intended design.

Either way is vulnerable due to design flaws and Telegram might be either one of the methods. Signal's approach only makes it harder to extract data. The only safe states are if Signal is uninstalled from the device and if the device is rebooted but not yet unlocked.

defalt
  • Very informative, thanks. "...As WhatsApp doesn't encrypt its internal database, it can be recovered even if it's deleted but data encryption keys have to be extracted first from memory". If I understand right, WhatsApp only encrypts backups, not internal messages. Is "data encryption key" that you mention in quoted text for backup or? – user215422 Feb 16 '21 at 20:33
  • No. Data encryption keys are the ones that encrypt your storage. – defalt Feb 16 '21 at 20:36
  • So I guess accessing data is impossible (at least in theory) when the screen is locked even if the app doesn't encrypt its internal database. – Abid Feb 27 '21 at 17:40
  • @Abid Spyware agencies are helping the FBI to extract keys from memory and then to decrypt apps' stored data. I've explained this further in this [answer](https://security.stackexchange.com/a/240242/118310). – defalt Feb 27 '21 at 18:05
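
Whether an app's database is encrypted at all, which is the difference the answer above describes between Signal (SQLCipher) and WhatsApp's internal database, can be checked from the file header without any key. The following is an added example, not part of the original answer: it assumes a copy of the database file as the app sees it on an unlocked device, assumes an encrypted database carries no plaintext SQLite header (SQLCipher's default layout), and builds its own constructed sample files with hypothetical names.

```python
import math
import os
import sqlite3
import tempfile

SQLITE_MAGIC = b"SQLite format 3\x00"  # first 16 bytes of every plaintext SQLite file


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; close to 8.0 for ciphertext or random data."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def classify_db(path: str, sample: int = 4096) -> str:
    """Classify a database file from its first page, without any key."""
    with open(path, "rb") as fh:
        head = fh.read(sample)
    if head.startswith(SQLITE_MAGIC):
        return "plaintext-sqlite"
    # Too little data gives an unreliable entropy estimate, so require 1 KiB.
    if len(head) >= 1024 and shannon_entropy(head) > 7.5:
        return "likely-encrypted"
    return "unknown"


def demo() -> dict:
    """Build three constructed sample files and classify each one."""
    out = {}
    with tempfile.TemporaryDirectory() as d:
        plain = os.path.join(d, "plain_sample.db")  # hypothetical name
        con = sqlite3.connect(plain)
        con.execute("CREATE TABLE messages (id INTEGER PRIMARY KEY, body TEXT)")
        con.execute("INSERT INTO messages (body) VALUES ('constructed sample')")
        con.commit()
        con.close()
        enc = os.path.join(d, "encrypted_standin.db")  # hypothetical name
        with open(enc, "wb") as fh:
            fh.write(os.urandom(8192))  # random bytes standing in for ciphertext
        other = os.path.join(d, "prefs_sample.xml")  # hypothetical name
        with open(other, "w") as fh:
            fh.write("<map><string name='k'>constructed</string></map>\n" * 40)
        for label, p in (("plain", plain), ("encrypted", enc), ("other", other)):
            out[label] = classify_db(p)
    return out


if __name__ == "__main__":
    print(demo())
```

A "likely-encrypted" result only shows that the file is not a readable SQLite database; it says nothing about where the key is kept or how well it is protected. On a raw flash image every file looks like this because of the OS-level encryption the answer describes, so the check is only meaningful on the decrypted view of app data.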
0

Despite claims in this direction on https://telegram.org/privacy, Telegram does not encrypt local data storage at all, not even for the so-called 'Secret Chats'. I verified that the claims on https://blog.zimperium.com/telegram-hack/ still hold.

Not encrypting the storage of transmitted photos and other attachments obviously is meant to be a feature because on Android they are directly accessible to the user at /sdcard/Telegram.

dvo