Graphene Encryption

MikeBench

I wonder about the graphene encryption. My password is over 70 characters for the main profile and my secondary profile is 60 characters. Is this secure and unbreakable?

I have enabled fingerprint with secondary pincode needed is this safe?

If example I turned my phone completely off and it's in BFU is there any way a adversary can enable the fingerprint after reboot to skip the encryption password?

pixelfairy

MikeBench For the first part, see xkcd: 936

https://xkcd.com/936/

The example refers to access passphrases. To calculate entropy in bits, take the log2 of the number_of_possible_words to the power of the number of words in the passphrase. Last I checked, you want 128 bits if you don't think quantum decryption will be a thing, and 256 if you do. So if your dictionary is 7000 words, you want a 20 word passphrase. Any more is just giving you carpal tunnel with no benefit.

ryrona

MikeBench My password is over 70 characters for the main profile and my secondary profile is 60 characters. Is this secure and unbreakable?

The number of characters doesn't matter. If you have 70 "a"'s that is not going to be very secure at all. What matters is entropy, and a passphrase with 80+ bits of entropy should be unbreakable in practice even for the most powerful adversaries, since electricity cost alone will be in the billions of USD, which not even a government can pay.

Read up on diceware passphrases, since they make it easy to choose a passphrase with a predictable or decided amount of entropy, while still being memorable.

MikeBench I have enabled fingerprint with secondary pincode needed is this safe?

Yes.

MikeBench If example I turned my phone completely off and it's in BFU is there any way a adversary can enable the fingerprint after reboot to skip the encryption password?

No, it is impossible to bypass the encryption passphrase in BFU, since the encryption key is derived from the passphrase and weaver token, and any of those being missing means you cannot derive the encryption key. No software bug or hardware flaw changes this, which is why using strong passphrases are so good. Only the weaver token is vulnerable to software bugs, but obtaining the weaver token alone is not enough to derive the encryption key.

Xtreix

MikeBench I assume you're using a passphrase between 10 and 12 words ? Have you looked into threat models to see if this isn't overkill for you ?

Informations here, how encryption is implemented in GrapheneOS :

https://grapheneos.org/faq#security-and-privacy

What is a threat model :

https://opsec101.org/
https://cheatsheetseries.owasp.org/cheatsheets/Threat_Modeling_Cheat_Sheet.html

My opinion is that 70 characters for the first unlock and 60 characters (random password or random passphrase) for the second unlock after fingerprint recognition is completely overkill for most users, for my part on my device, I use a random 6-digit PIN code for the first unlock, and a fingerprint + random 4-digit PIN code for the second unlock. Keep in mind that Google Pixel phones from generation 6 onwards use the Titan M 2 (for generation 2) security chip which makes a simple 6- to 8-digit PIN code secure for most users. The Titan M (M for mobile) is a derivative of the Titan chip used in Google Cloud infrastructure, adapted for mobile devices.

Information about what Titan M is and what it does :

https://blog.google/products/pixel/titan-m-makes-pixel-3-our-most-secure-phone-yet/
https://cloud.google.com/blog/products/identity-security/titan-in-depth-security-in-plaintext?hl=en
https://security.googleblog.com/2021/10/pixel-6-setting-new-standard-for-mobile.html

Users who do not want to trust the Secure Element (Titan M) can use a strong passphrase. Just four random words is already much stronger than a six-digit PIN when Secure Element is taken into account, and you can use between seven and eight words to prevent a brute force attack if Secure Element is compromised. To date, there is no evidence that Titan M 2 has been compromised, and the exploit would likely cost millions of dollars.

MikeBench If example I turned my phone completely off and it's in BFU is there any way a adversary can enable the fingerprint after reboot to skip the encryption password?

No, if the device is in BFU mode, it must first be unlocked using the first unlocking method.

Endless

pixelfairy

Or more like this one: https://xkcd.com/538/