Android 4.4 FDE(Scrypt Footer)密钥存储机制技术咨询
Hey folks,
I’ve been deep diving into Full Disk Encryption (FDE) implementations across different Android versions, and I’ve hit a frustrating roadblock with Android 4.x builds that use the Scrypt algorithm for key derivation. There’s surprisingly little detailed documentation out there that clearly breaks down how the encryption keys are stored in this setup.
I’m working with an encrypted Samsung S4 Mini running Android 4.4, and I’ve extracted the 16KB footer from its user data partition. Here’s the raw hex content of that footer:
00000000 43 72 79 70 74 6F 4F 76 65 72 6C 61 79 00 00 00 |CryptoOverlay...| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 000000a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 000000b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 000000c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 000000d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 000000e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 000000f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 00003f80 73 63 72 79 70 74 00 00 00 00 00 00 00 00 00 00 |scrypt..........| 00003f90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00003fa0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00003fb0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00003fc0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00003fd0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00003fe0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00003ff0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 |................|
If anyone with expertise in Android FDE, especially the Scrypt-integrated Android 4.x implementations, can help me unpack the key storage mechanism here, I’d be incredibly appreciative. Any pointers, documentation references, or analysis of this footer data would go a long way.
内容的提问来源于stack exchange,提问作者bang
