0

I believe most new Android phones have full encryption enabled by default, so even if I just download some PDF weather report from the internet, it will sit encrypted on my phone's SSD.

Now, suppose my phone breaks and loses power, such that just the SSD remains good and I eventually get all of the SSD's raw bits copied into a file on my computer.

Then, in principle, with a lot of research into Android's encryption methods and knowledge of my broken phone's password, I should be able to unencrypt those copied bits and ultimately see that weather report as proof. (By design, without the password, the bits can never be decrypted. By the way, let me group fingerprint, facial recognition, and PIN authentication measures within the term "password" for simplicity here.)

But, in practice, I highly doubt anyone would recover a phone's data like that. So, what should I do if I have some valuable million-dollar encrypted file on a broken phone? To be specific, assume the phone is a Google Pixel 6 Pro. Notice that this is different from the FBI's problem because I have the password.

I am also curious, do any phone makers provide some proactive means to anticipate recovery like this (e.g., "Download Your Decryption Key" in Android Settings, though this would not normally be recommended since this key is ideally never saved anywhere and ideally just reassembled from the password at each use)?

bobuhito
  • 230
  • 1
  • 8
  • 1
    *" what should I do if I have some valuable million-dollar encrypted file on a broken phone?"* - in a way you are constructing a case where you have valuable data but did not bother to backup these. You just were lucky that the SSD is still somehow working even if the phone is broken. Apart from that it is not clear how broken it is - just the display, i.e. it can be switched on? Or it cannot even be switched on anymore? *" do any phone makers provide some proactive means to anticipate recovery"* - its called a backup. And it works even if the disk is broken too. – Steffen Ullrich Feb 17 '22 at 20:40
  • @SteffenUllrich "Just the SSD remains good" means that everything else is broken. And, yes, of course, I know I can backup files on my own, but was just curious if I can be even lazier. – bobuhito Feb 17 '22 at 20:57
  • You can also replace "when the phone breaks" with "lost or stolen phone" in the sentence. In such a scenario encryption is more a blessing than a curse if you have sensitive/valuable files on the device. – Kate Feb 17 '22 at 21:22
  • Android & iOS storage encryption is designed to be volatile. Its keys cannot be cloned & migrated. Android cloud backups are end-to-end-encrypted and it's the closest solution for your usecase. – defalt Feb 21 '22 at 17:26

0 Answers0