What even is this nonsense, Android.
You’re using TrustZone-generated signatures (fed into scrypt) to protect the full-disk encryption key on Android devices?
That documentation is 8 years old... and the top of the page points out it is deprecated for Android 10+
grapheneos.org/faq#encryption explains how it works on the Pixel 2 and later at a high level. It's clear about which things are GrapheneOS enhancements.
Weaver and the owner account authentication for insider attack protection are what integrates it with the secure element.
OS does initial scrypt-based key derivation and uses personalized hashes of result for the different uses. One of those is getting the Weaver token from the secure element. Secure element requires owner authentication before firmware can be updated (insider attack protection).
Another personalized hash is sent along with Weaver token retrieved from the secure element to the TEE. TEE does the hardware bound key derivation, decrypts disk encryption key and passes it to inline decryption hardware on modern Qualcomm, Exynos and Tensor without OS getting it.
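
A toy model of the flow described in the replies above, added here as an illustration and not part of the thread or any Android or GrapheneOS code. The personalization labels, scrypt parameters, BLAKE2b and HMAC choices, the XOR key wrap and all class and function names are assumptions standing in for the real primitives.

```python
import hashlib, hmac, os

def os_derive(password: bytes, salt: bytes):
    """OS side: scrypt, then one personalized hash per use (labels are assumed)."""
    base = hashlib.scrypt(password, salt=salt, n=2**12, r=8, p=1, dklen=32)
    h = lambda person: hashlib.blake2b(base, digest_size=32, person=person).digest()
    return h(b"weaver-key"), h(b"tee-auth")

class SecureElement:
    """Toy Weaver slot: releases the stored token only for the matching key."""
    def __init__(self, weaver_key: bytes):
        self._key, self._token = weaver_key, os.urandom(32)
    def read(self, weaver_key: bytes) -> bytes:
        if not hmac.compare_digest(weaver_key, self._key):
            raise PermissionError("Weaver key mismatch")
        return self._token

class Tee:
    """Toy TEE holding a device-unique key that never leaves it."""
    def __init__(self):
        self._hw_key = os.urandom(32)
    def _kek(self, tee_auth: bytes, token: bytes) -> bytes:
        # Hardware-bound derivation: depends on credential, SE token and device key.
        return hmac.new(self._hw_key, tee_auth + token, hashlib.sha256).digest()
    def wrap(self, tee_auth: bytes, token: bytes, dek: bytes) -> bytes:
        kek = self._kek(tee_auth, token)
        pad = hashlib.blake2b(kek, digest_size=len(dek), person=b"pad").digest()
        body = bytes(a ^ b for a, b in zip(dek, pad))  # toy wrap, not real AEAD
        return body + hmac.new(kek, body, hashlib.sha256).digest()
    def unwrap(self, tee_auth: bytes, token: bytes, blob: bytes) -> bytes:
        kek = self._kek(tee_auth, token)
        body, tag = blob[:-32], blob[-32:]
        if not hmac.compare_digest(tag, hmac.new(kek, body, hashlib.sha256).digest()):
            raise ValueError("wrong credential or different device")
        pad = hashlib.blake2b(kek, digest_size=len(body), person=b"pad").digest()
        return bytes(a ^ b for a, b in zip(body, pad))

def enroll(password: bytes, salt: bytes, dek: bytes):
    weaver_key, tee_auth = os_derive(password, salt)
    se, tee = SecureElement(weaver_key), Tee()
    return se, tee, tee.wrap(tee_auth, se.read(weaver_key), dek)

def unlock(password: bytes, salt: bytes, se: SecureElement, tee: Tee, blob: bytes) -> bytes:
    weaver_key, tee_auth = os_derive(password, salt)
    token = se.read(weaver_key)  # secure element gates the token
    # Returned here only so the model can be checked; per the thread, real
    # hardware passes the key to inline crypto without the OS getting it.
    return tee.unwrap(tee_auth, token, blob)
```

The wrapped blob is useless without all three inputs: the user credential, the token held by the secure element, and the key bound to that device's TEE.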