- Nov 4, 2016
- 131
- 0
- 0
I've been playing with my new (to me) V20 and found the "lock" option in the Gallery. It doesn't work in the file manager generally (boo hiss) but for images -- anything the Gallery App thinks is a picture or movie -- it does.
When "locked" the file is moved to phone storage so it disappears out of the gallery, given an extension and AES128CBC encrypted.
The question is how is the key generated?
The phone's "security" settings imply that the Google account is somehow involved in securing the "locked" files. One would hope that the key (or components thereof necessary to regenerate it) is not uploaded into the Googleplex, but there's no way for me to be certain of that. Of course what you want is for the key to be local to device and not backed up via any of the various tools, so it's unrecoverable outside of the device itself (by presumed "bad guys") -- yes, this means if you have a backup of the device with locked files access to those is irrevocably lost if you have to restore the unit (since the key is not in the backup) but that's the entire point of encrypting the files in the first place!
Does anyone know exactly how that key is generated and maintained?
When "locked" the file is moved to phone storage so it disappears out of the gallery, given an extension and AES128CBC encrypted.
The question is how is the key generated?
The phone's "security" settings imply that the Google account is somehow involved in securing the "locked" files. One would hope that the key (or components thereof necessary to regenerate it) is not uploaded into the Googleplex, but there's no way for me to be certain of that. Of course what you want is for the key to be local to device and not backed up via any of the various tools, so it's unrecoverable outside of the device itself (by presumed "bad guys") -- yes, this means if you have a backup of the device with locked files access to those is irrevocably lost if you have to restore the unit (since the key is not in the backup) but that's the entire point of encrypting the files in the first place!
Does anyone know exactly how that key is generated and maintained?