An answer (data deleted after encrpytion – recoverable?) Resulted in conclusions that raised some questions for me.
Link to the article: https://www.cl.cam.ac.uk/~rja14/Papers/en_most15.pdf
Researchers from the University of Cambridge have tested a range of Android devices
running Android and found that in any case they were able to recover
account tokens – used to authenticate the first time you enter
a password (Google, Facebook and WhatsApp). In 80% of cases, they were
able to recover the master token, which is practically the main key for
the device. Once the main token has been recovered, the user's identification information
This file can be restored and all your data resynchronized on the device:
refers to emails, photos stored in the cloud, contacts and calendars. So you
just offer access to everything!
Main Token = encryption key used to encrypt storage when writing data?
Devices with built-in encryption are not immune to such a problem
because they do not provide the software required to function properly
wipe the flash storage.
The document deals only with Android 2.3 to 4.3 (which are between 6 and 9 years old now).
"Android L (Android 5) should include hardware protection for disk encryption keys, as well as hardware acceleration for encrypted disk access." (Https://nelenkov.blogspot.com/2014/10/revisiting-android-disk-encryption.html)
The paper does not take that into account, I suppose?
Is the key not already stored in the TEE, which includes key storage backed up by hardware?
… after reset, fill the device with unnecessary data to overwrite
all that is sensitive like tokens and cryptographic keys left in flash memory
storage and you should do this without registering with Google. You
can do it by copying something or just by recording a video for
as long as you can, at the highest possible resolution, until all your
the available space is full.
The rewrite does not work this way on flash storage, I thought (because of the leveling of wear)?