Pixel AFU vs BFU security

someone1223

How does GrapheneOS handles AFU security on pixel? We know some info like contacts needs to be decrypted even when locked for convenient use. How GrapheneOS securely encrypts and decrypts when phone is locked? Does it store the decryption key in memory in plain?

other8026

someone1223 you can read this section for answers about encryption: https://grapheneos.org/faq#encryption

someone1223

other8026 it doesn't specifically talk about AFU vs BFU, or I am too dumb to understand it.. Can you help?

other8026

someone1223

It's been a while since I read through it and while I think I have a pretty good idea of how it works, I am not confident enough in my ability to explain it. This is why I just linked to the website.

I think this part answers your question:

Disk encryption keys are randomly generated with a high quality CSPRNG and stored encrypted with a key encryption key. Key encryption keys are derived at runtime and are never stored anywhere.

In addition to that:

The OS stores a high entropy random value as the Weaver token on the secure element (Titan M on Pixels) and uses it as another input for key derivation.

So, in short, the answer is no. Keys aren't stored in plaintext.

someone1223

other8026 this sounds like keys are always derived from secure element. But I know there are some differences in BFU and AFU, like ability to switch profiles. So what's happening there?

other8026

someone1223 I think the only real difference is that Owner is logged in, so switching users is possible.

Like this part says:

The owner profile is special and is used to store sensitive system-wide operating system data. This is why the owner profile needs to be logged in after a reboot before other user profiles can be used.