Android and data encryption. About how bad everything is and why it’s unlikely to get better


An “encryption failed” error can only appear if the user previously turned encryption on (on a tablet or other mobile device).

This function protects personal data stored in the memory of the Android device. Encryption in this case is performed by the ICS system using a 128-bit master key. If a password or PIN code is set to unlock the screen, Android by default uses it as the “source” for creating the decryption master key.

After enabling the encryption function, each time the OS is rebooted, the device will request the specified password or PIN.

However, no system is free of errors, and Android encryption also fails from time to time, making unexpected changes to the 16 kilobyte master key.

Such a failure can occur at any time, so to ensure you do not lose the necessary information, always save backup copies of your data. To do this, for example, you can make a backup to your Google account.

Otherwise, decrypting the card will cost far more than all the information stored in the phone’s memory (which will need to be decrypted) is worth. In the worst case, decryption will take so long that the information will have lost its relevance long before it is recovered.
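The key hierarchy described above, as an added example that is not code from Android or from the original article: a random 128-bit master key encrypts the data, and a key derived from the PIN only wraps that master key. The PBKDF2 parameters, the footer layout and the HMAC-based stand-in cipher (used instead of AES so the block runs on the Python standard library alone) are assumptions made for illustration.

```python
import hashlib
import hmac
import os

SAMPLE = b"contacts.db contents (constructed sample)"

def derive_kek(pin, salt):
    """Stretch the screen-lock PIN into a 128-bit key-encryption key (assumed PBKDF2 parameters)."""
    return hashlib.pbkdf2_hmac("sha1", pin.encode(), salt, 2000, dklen=16)

def xor_stream(key, label, data):
    """Stand-in cipher: XOR with an HMAC-SHA256 counter keystream. Not AES."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, label + i.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def wrap(master_key, pin):
    """Build the (hypothetical) key footer: salt plus the PIN-wrapped master key."""
    salt = os.urandom(16)
    return {"salt": salt, "wrapped": xor_stream(derive_kek(pin, salt), b"wrap", master_key)}

def unwrap(footer, pin):
    """Recover the master key from the footer using the PIN."""
    return xor_stream(derive_kek(pin, footer["salt"]), b"wrap", footer["wrapped"])

def demo():
    master_key = os.urandom(16)  # 128-bit master key, generated once
    footer = wrap(master_key, "1234")
    disk = xor_stream(master_key, b"data", SAMPLE)  # "encrypted storage"

    normal = xor_stream(unwrap(footer, "1234"), b"data", disk)

    # Changing the PIN only re-wraps the same master key; the data is untouched.
    footer2 = wrap(unwrap(footer, "1234"), "9876")
    after_pin_change = xor_stream(unwrap(footer2, "9876"), b"data", disk)

    # One flipped bit in the stored key blob, correct PIN: a different master
    # key comes out, so the stored data no longer decrypts.
    blob = footer["wrapped"]
    damaged = {"salt": footer["salt"], "wrapped": bytes([blob[0] ^ 1]) + blob[1:]}
    after_damage = xor_stream(unwrap(damaged, "1234"), b"data", disk)
    return normal, after_pin_change, after_damage

if __name__ == "__main__":
    ok, changed, broken = demo()
    print(ok == SAMPLE, changed == SAMPLE, broken == SAMPLE)
```

With the key blob damaged, the correct PIN no longer recovers the data, which is why a backup made before the failure is the only dependable way back.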

Android encryption error: what to do?

So, what should you do if your phone says “encryption failed”? This message appears before the graphical shell is loaded because the module responsible for encryption (Cryptfs) is one of the first to load. It allows all other modules to decrypt settings, read data from the cache and load the full version of the OS.

  1. First, you need to remove the microSD card from the device. Due to Google's policy, information on it is not encrypted by default, and, accordingly, this data may still remain accessible.

The worst thing you can do now is press the only soft button on the screen - Reset phone.

After activating it, in most cases you can say goodbye to the information stored in the /data and possibly /sdcard folders.

  2. After removing the card, try rebooting your Android device using the mentioned button. If you were unable to resolve the encryption failure on your tablet the first time, try a few more times: perhaps the key is simply not loaded correctly due to an error in the code located on the external card.

Unfortunately, in most cases, rebooting does not fix the encryption failure, since either the internal card of the Android device or its controller is damaged.

  3. If restarting the phone/tablet did not help resolve the encryption failure, you should “roll back” the firmware and install a new version of the cryptographic module so that the device can be used.

To do this, you will need an external card, preferably at least 8 GB (you can use an “old one” if all important data has been backed up from it), on which temporary partitions /data and /sdcard will be saved.

  4. Insert the microSD card into your Android device.

The next stage is preparing the phone for flashing. To do this, you need to go into Android recovery mode. Depending on the model and manufacturer of the device, this mode can be accessed in different ways, but the most common key combination is to simultaneously press the power and volume down buttons and hold for one or two seconds.

In recovery mode, find the SD card options and split the card into partitions for the /data and /sdcard areas mentioned above. For the /data area, 2 GB of memory should be enough.

For "swap" select 0M. The card preparation process will take some time - during this time you can download the latest version of ICS that matches your phone/tablet model.

After downloading, save it to an already partitioned SD card.

At this point, the external media option should be enabled in recovery mode.

Once the connection to the computer is established, do not forget to make a complete “backup” of the information stored on the Android device.

This time, starting the device will take a little longer, but after a reboot, the encryption failure will be “cancelled” and work with the device and external card will continue as before.

We store a lot of important and even confidential information on modern phones and tablets. These can be personal photos, correspondence, audio recordings, logins, passwords, bank card details and more. Often, users do not think about ways to protect such data until, for example, they lose a gadget. In the worst case, it falls into the hands of criminals who will gladly use your information for personal purposes. Sometimes that's the whole point. How to protect personal data?

Encryption and its meaning

To protect data, a regular screen lock is most often used, for example, a pattern lock or a numeric password. But often this method turns out to be unreliable. If desired, such protection can be bypassed, and then all your personal data will be in full view. A more effective way is encryption. The user will not feel much difference, but if the gadget is lost, even if attackers can somehow bypass the lock password, they will not have access to your data. Enabling encryption is quite simple:

  • "Settings";
  • "Security" and "Encryption".

After this, you will need to enter the code and wait until all the data is encrypted; this can take quite a long time, especially if the volume is large. Over time, you may see the message “Android encryption failed”. What should you do in this case?

Encryption failure: how to fix the problem?

In order to avoid such problems, you should always back up your data. For example, the Google cloud can be a reliable storage; this is the best option for all Android users. If you didn’t do this and saw a message about encryption failure, the main thing is not to rush to press the “Reset phone” button.

First, remove the external memory card. The data on it is not encrypted; this is provided for by the OS developers' policy. Only after this can you press the button, but be prepared for the fact that you may lose your personal data.

Only in rare cases is the failure eliminated by rebooting the system; in other cases, it will be necessary to roll back to the state before the failure was detected.

Be careful about data encryption so as not to become a victim of your own vigilance.

The FBI tried to use the courts to twist the arm of Apple, which did not want to create code to bypass its own security system. A critical vulnerability was discovered in the Android kernel, allowing superuser access that bypasses all security mechanisms. These two events, although unrelated, coincided in time, clearly demonstrating the differences in the security systems of the two popular mobile operating systems. Let's put aside for a moment the critical vulnerability in the Android kernel, which most manufacturers are unlikely ever to fix in already released models, and consider the data encryption mechanisms in Android and Apple iOS. But first, let’s talk about why encryption is needed in mobile devices at all.

Why encrypt your phone?

An honest person has nothing to hide - the most popular leitmotif that sounds after every publication on the topic of data protection. “I have nothing to hide,” many users say. Alas, much more often this only means the confidence that no one will bother to get into the data of a particular Vasya Pupkin, because who is interested in them at all? Practice shows that this is not so. We won’t go far: just last week, the career of a school teacher who left her phone on the table for a moment ended with her dismissal. The students instantly unlocked the device and took out photographs of the teacher in a form that is condemned by the puritanical morality of American society. The incident served as sufficient grounds for the teacher's dismissal. Stories like this happen almost every day.

How unencrypted phones are hacked

We won't go into detail, just keep in mind: data from an unencrypted phone can be recovered in almost a hundred percent of cases. “Almost” here refers to cases where someone tried to physically damage or destroy the phone immediately before the data was extracted. Many Android and Windows Phone devices have a service mode that allows all data to be dumped from the device’s memory via a regular USB cable. This applies to most devices on the Qualcomm platform (HS-USB mode, which works even when the bootloader is locked), to Chinese smartphones with MediaTek (MTK), Spreadtrum and Allwinner processors (if the bootloader is unlocked), and to all smartphones manufactured by LG (which have a convenient service mode that allows data to be dumped even from a “bricked” device).

But even if the phone does not have a service “back door”, data can still be obtained by disassembling the device and connecting to the JTAG test port. In the most advanced cases, the eMMC chip is removed from the device and inserted into a simple and very cheap adapter; the chip speaks the same protocol as the most common SD card. If the data was not encrypted, everything can be easily extracted from the phone, down to the authentication tokens that provide access to your cloud storage.

What if encryption was enabled? In older versions of Android (up to 4.4 inclusive), this could be bypassed (with the exception, however, of devices manufactured by Samsung). But in Android 5.0, a strong encryption mode finally appeared. But is it as useful as Google thinks it is? Let's try to figure it out.

Android 5.0–6.0

The first device running Android 5.0 was the Google Nexus 6, released in 2014 by Motorola. At that time, 64-bit mobile processors with the ARMv8 architecture were already actively promoted, but Qualcomm did not have a ready-made solution on this platform. As a result, the Nexus 6 used the Snapdragon 805 chipset, based on Qualcomm's own 32-bit cores.

Why is this important? The fact is that processors based on the ARMv8 architecture have a built-in set of instructions to speed up streaming data encryption, but 32-bit ARMv7 processors do not have such instructions.

Now watch closely. There are no instructions for accelerating crypto in the processor, so Qualcomm built a dedicated hardware module into the chipset to perform the same functions. But something didn’t work out for Google. Either the drivers were not finished at the time of release, or Qualcomm did not provide the source code (or did not allow it to be published in AOSP). The details are unknown to the public, but the result is known: the Nexus 6 shocked reviewers with its extremely slow data read speed. How slow? Something like this:

The reason for the eight-fold lag behind its “younger brother”, the Motorola Moto X 2014 smartphone, is simple: forcibly enabled encryption, implemented by the company at the software level. In real life, Nexus 6 users on the original firmware version complained about numerous lags and freezes, noticeable heating of the device and relatively poor battery life. Installing a kernel that disables forced encryption immediately solved these problems.

But firmware is the kind of thing that can always be improved, right? Especially if you are Google, have unlimited finances and have the most qualified developers on your staff. Well, let's see what happened next.

Next came Android 5.1 (six months later), in which the necessary drivers for working with the hardware accelerator were first added in the preliminary version of the firmware, and then removed again in the final version due to serious problems with sleep mode. Then came Android 6.0; by the time of its release, users had already lost interest in this game and had begun to disable encryption by any means, using third-party kernels. Or to leave it enabled, if a read speed of 25–30 MB/s was enough.

Android 7.0

Okay, but could Android 7 fix a serious problem with a flagship device that is almost two years old? It’s possible, and it’s been fixed! The ElcomSoft lab compared the performance of two identical Nexus 6s, one running Android 6.0.1 with the ElementalX kernel (and encryption disabled), while the other was running the first preview version of Android 7 with default settings (encryption enabled). The result is clear:


Today, every user has to think about protecting confidential information from unauthorized persons. Mobile device manufacturers care about future customers and their right to privacy, so they are paying more and more attention to preserving personal data. Tablets can also be classified as personal devices, so let's talk about protecting them.

Is it possible to disable encryption on a tablet?

The system functions of modern tablets support encryption mode for information stored both on the internal memory of the device and on an external SD card. It should be remembered that running encryption has a negative impact on the performance of the device. Those who value computing power over the safety of personal data should definitely read this article.

If you're lucky enough to own an Android tablet that originally runs a version of the operating system, you won't be able to disable the encryption feature. The developers decided to introduce forced encryption of information on the latest versions of the OS, but don’t despair, because hackers don’t sleep either. There is no doubt that these workers will soon offer their own solution to this problem. At the same time, tablets whose operating system has been updated to the latest version from earlier ones are not limited by such prohibitions, so the option to disable encryption is available. However, we recommend that you think about whether you really need this.

On earlier versions of Android, up to 2.3.4, encryption must be started manually. This option is in the settings menu: Security -> Encryption -> Encrypt device. Keep in mind that after this it is impossible to decrypt the encrypted data, since the developer did not provide such a possibility. Thus, if you need to decrypt information, its loss is inevitable. To do this, you will need to reset the device to factory settings from "recovery" mode.

To perform such a reset, you need to hold down the volume up and down keys, as well as the power key, while the tablet is turned off. You will be loaded into the engineering menu, where using the volume buttons you need to find the “wipe data/factory reset” menu item and, having selected it, press the power key. When the reset operation is completed, you need to reboot by selecting "reboot". After booting into operating mode on the tablet, you should restore your personal data, and then no longer run encryption.






