Conversation

Wipe and rotate hardware-backed keys rather than data: reddit.com/r/GrapheneOS/c Factory reset or profile deletion is the right way to prevent future access to data. Clearing app data or uninstalling works on a per-app basis if the app encrypts data with the keystore like Signal.

reddit.com

Wipe free space

You're thinking about this incorrectly. Due to how storage devices work at a low-level, wiping the data isn't a viable way to remove all traces...

3:12 PM · Feb 10, 2020Twitter Web App

Replying to

Apps can make granular use of hardware-backed keys to provide reliable expiry of data, by rotating through keys and purging the ones for expired data. Apps can also keep most data at rest when the device is locked by setting keys to require an unlocked device and splitting data.

Daniel Micay

@DanielMicay

Feb 10, 2020

Unfortunately, not aware of apps bothering to do either. Signal uses the hardware-backed keystore to encrypt the database but doesn't split it into what's needed when locked vs. unlocked so it can't set the property on the key. Haven't seen apps do key rotation for expiry either.

Replying to

and

How do you reliably erase an app-specific hardware-backed key without blowing away the entire profile? Don't they just get wrapped with a long-lived key and then stored in normal flash?

Replying to

and

> How do you reliably erase an app-specific hardware-backed key without blowing away the entire profile? As stated in the comment, the app can reliably delete hardware-backed keys. Clearing the app data or uninstalling the app will also reliably delete hardware-backed keys too.

Show replies