How to verify encryption?

stkr

As someone coming from the desktop world, where one can simply boot into a live Linux environment and look for magic bytes, strings or even calculate the entropy of the data on block devices:
How to do the same on a mobile phone with GrapheneOS installed to be able to confirm, that the user data partition is actually encrypted?
In other words: How would an attacker with physical access attempt to extract data given the login method cannot be bypassed?

raccoondad

stkr "How to do the same on a mobile phone with GrapheneOS installed to be able to confirm, that the user data partition is actually encrypted?"

You can't. its encrypted, you can verify that by looking at the pixels/AOSP documentation

"How would an attacker with physical access attempt to extract data given the login method cannot be bypassed?"

They would have to physically have to extract the SSD, dump it, get the Pixels security chip, find a way to get the weaver token, have your password, then combine the two, then decrypt the data.

99% chance it won't happen

akc3n

stkr see https://grapheneos.org/faq#encryption

Also, this has been discussed here in various aspects quite a lot.

For example, https://discuss.grapheneos.org/d/4049-security-from-bruteforce or another example is by searching our forum, as another example https://discuss.grapheneos.org/?q=cellebrite