Data encryption on our devices: how does it work?

Based on materials from

The topic of security in the world of mobile devices and, in particular, in the world of Android will never lose its relevance. In this short article, we'll talk about data encryption. There is a lot of discussion on various issues related to encryption. But does everyone know what it is? Let's dig a little deeper into the most basic theory.

What is encryption?

In the most general sense, encryption is changing the way information is presented in such a way that it turns out to be hidden, and the only way to get it in its original form is through some clear set of instructions.

There are many ways to encrypt information, especially if it is stored digitally on a computer or phone. If you've ever received a zip file or a Microsoft Office document that required a password to view, it means it was encrypted. The data you wanted to get was placed in a container (which can be thought of as a folder on your smartphone or computer), and the container was password protected. You can extend this method to an entire disk or partition. To access any information inside an encrypted partition, you need to open it with a password.

Another way to encrypt data is to physically change how it is presented until it is decrypted. You can compare this to an application in which you type a phrase, and it translates letters into numbers from 1 to 33. You type in a sentence, and you see a sequence of numbers.

But the application knows that 1 means 'A', that no number greater than 33 matches, and the application has access to the operating system dictionary to check spelling, since the sequence 11 can mean both 'AA' and 'AK', depending on the word you typed. When someone else uses the application to read what you have written, it looks normal.

Now imagine a different situation. The order of the numbers was reversed, 13 was added between 11 and 15, the space between words was removed, and a random unreadable sequence of characters was inserted in every small gap between letters. This file cannot be read without using the application, unlike the first example, which can be worked out with enough will and patience. This is how an encryption algorithm works. It helps a program to turn information of any kind into a jumbled mess that is easy to decipher with the algorithm and very difficult and time-consuming without it.

Computer algorithms can do much more complex things than the simple example above. And they perform these operations much faster than the person who counted on his fingers to come up with this example. An encrypted folder or disk is an example of an encrypted container, and encrypted data like our example can also be placed in such an encrypted container.

Taking information, encrypting it, and then making sure that applications and services that need access to this information can decrypt and use it is very difficult. Fortunately, this job is done by the device and the operating system on it, and all that is required of us is to know the correct password and use the correct service.

Encryption and Android

Android supports file and container level encryption (full disk encryption). As an application platform, it can also support third-party encryption methods such as secure folders or encrypted messaging and mail. This means that the device's chipset contains a component that is installed to help encrypt and decrypt data on the fly. The actual key to decrypt files is stored on the device, and every user action – password, fingerprint, trusted device, etc. – that is used to gain access to encrypted data accesses the Secure Element (a separate microprocessor like those used in plastic cards). Starting with Android 6.0 Marshmallow, all encryption functions can be performed using this Secure Element and private key, tokens (one-time or reusable electronic keys) that are used to encrypt and decrypt data. This means that without providing a valid token to the processor, the data will remain encrypted.

In your Android settings, you can also make the system remain encrypted every time the phone is booted, until a password is entered. When the data on your phone is encrypted, it already provides security, but pausing the boot process until a password is entered prevents access to files and serves as an additional layer of protection. In any case, your password (or PIN, or pattern, or fingerprint) accesses the data through the Secure Element, and you have no way to get the private encryption key – the only thing needed to find out what was done with the data and how to return it to its previous form.
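The password-protected container from the first section and the key handling described here, modelled as an added example (not code from this article or from Android): a random data key encrypts the content, and the password only unwraps that key. It assumes Node.js and its built-in crypto module; `deviceSecret` is a hypothetical stand-in for a key held in secure hardware, and all function names are illustrative.

```javascript
const { scryptSync, createHmac, randomBytes,
        createCipheriv, createDecipheriv } = require('node:crypto');

// AES-256-GCM; output layout is nonce (12) || tag (16) || ciphertext.
function seal(key, plaintext) {
  const nonce = randomBytes(12);
  const cipher = createCipheriv('aes-256-gcm', key, nonce);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), body]);
}

// Throws if the key is wrong or the blob was modified.
function unseal(key, blob) {
  const decipher = createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  decipher.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()]);
}

// Key-encryption key: slow hash of the password, then mixed with deviceSecret,
// a stand-in (assumption) for a key that never leaves the secure hardware.
function deriveKek(password, salt, deviceSecret) {
  const stretched = scryptSync(password, salt, 32);
  return createHmac('sha256', deviceSecret).update(stretched).digest();
}

function createContainer(password, deviceSecret, data) {
  const dataKey = randomBytes(32); // random key that actually encrypts the data
  const salt = randomBytes(16);
  return {
    salt,
    wrappedKey: seal(deriveKek(password, salt, deviceSecret), dataKey),
    ciphertext: seal(dataKey, Buffer.from(data, 'utf8')),
  };
}

// Returns the plaintext, or null when the password or the device is wrong.
function unlock(container, password, deviceSecret) {
  try {
    const kek = deriveKek(password, container.salt, deviceSecret);
    const dataKey = unseal(kek, container.wrappedKey);
    return unseal(dataKey, container.ciphertext).toString('utf8');
  } catch { return null; }
}

// Changing the password re-wraps only the 32-byte data key.
function changePassword(container, oldPw, newPw, deviceSecret) {
  const dataKey = unseal(deriveKek(oldPw, container.salt, deviceSecret), container.wrappedKey);
  const salt = randomBytes(16);
  return { ...container, salt, wrappedKey: seal(deriveKek(newPw, salt, deviceSecret), dataKey) };
}
```

Because the stored blob is useless without `deviceSecret`, copying the container to another machine does not allow offline password guessing in this model.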

Your correspondence and actions in the browser may also be encrypted. You've probably noticed that in your browser, many sites have URLs starting with HTTPS instead of HTTP. HTTP stands for Hypertext Transfer Protocol, and it is the protocol (thanks, Cap!) that is used to send and receive data over the Internet. In turn, HTTPS stands for 'HTTP over SSL' (Secure Sockets Layer); it adds an encryption standard to the protocol. All data that you enter in the browser is modified using the public key, which you download from the site when you visit it, and only the private key – which is on the web server – can decrypt it.

The data that gets back to you is mutated so that it can only be decrypted using your unique version of the public key. You don't need to do anything other than visit secure sites whose URL starts with HTTPS. Your smartphone uses a certificate to check that the server is what it appears to be, and it encrypts and decrypts the data on its own through the browser app.

In order to conduct encrypted correspondence, you usually need to download an application from Google Play. Apps like Signal or WhatsApp offer encryption called end-to-end, which means the app assigns keys to individual contacts or groups and only the person to whom a message is addressed can read it. BlackBerry Messenger is considered by many to be secure, but since it has only one shared key that all BlackBerry devices have, this security is somewhat controversial. BBM Protected is available for groups that require higher encryption or end-to-end encryption. iMessage from Apple also has end-to-end encryption, but only if all participants in the correspondence are lucky iPhone owners.

You use these applications as you would any other messenger: you add a contact and exchange messages with him. The only difference is that these messages can be encrypted so that only two parties – the participants in the correspondence – can read them.

Is encryption good or bad?

Some comrades in some governments argue that the encryption technologies available to the end user, that is, you and me, are dangerous, because they make it impossible to track all communications of persons who may be of interest to all kinds of bodies. This argument can sound convincing when we are told about how terrorists have been communicating for months on Facebook or WhatsApp. However, the encryption technology itself is not dangerous, and without it, none of our actions on the network could be considered safe, and we could not be sure that our communication is personal. Any sensitive information on our smartphones could be easily obtained by those who had the right tools and sufficient motivation.

If we lose the right to use data encryption, we will lose the right to privacy. It is good to be sure that the state will prevent crime and that potential criminals are found. But for the sake of this, law-abiding citizens, who, for example, simply buy something online, must sacrifice their rights. It would be interesting to know, dear readers, what you think about this issue.
