author | Unsuk Jung <unsuk@google.com> | 2015-10-01 23:45:06 +0000 |
---|---|---|
committer | Android (Google) Code Review <android-gerrit@google.com> | 2015-10-01 23:45:06 +0000 |
commit | 33e4eb2ac96b75187d9b05df18360fd039580fe6 (patch) | |
tree | 25b0d1fcd333b64b664ee97e68f38faef0d22359 | |
parent | 43f04583ff88d4edf02600e45d049a358f7b0895 (diff) | |
parent | 41641fb82d096ece6271a73346a18fa8f80619c3 (diff) | |
download | source.android.com-33e4eb2ac96b75187d9b05df18360fd039580fe6.tar.gz |
Merge "CDD: Require full-disk encryption to be on by default" into mnc-dev
-rw-r--r-- | src/compatibility/android-cdd.html | 28 |
1 files changed, 18 insertions, 10 deletions
diff --git a/src/compatibility/android-cdd.html b/src/compatibility/android-cdd.html index e451c251..48e23c0b 100644 --- a/src/compatibility/android-cdd.html +++ b/src/compatibility/android-cdd.html 
@@ -4435,16 +4435,24 @@ access to the contents of the shared storage over the USB port.</p> <p>Optional for Android device implementations without a lock screen.</p> </div> - -<p>If the device implementation supports a lock screen with PIN (numeric) or -PASSWORD (alphanumeric), the device MUST support full-disk encryption of the -application private data (/data partition), as well -as the SD card partition if it is a permanent, non-removable part of the device -[<a href="http://source.android.com/devices/tech/security/encryption/index.html">Resources, 107</a>]. For devices supporting full-disk encryption, the full-disk encryption SHOULD -be enabled all the time after the user has completed the out-of-box experience. -While this requirement is stated as SHOULD for this version of the Android -platform, it is <strong>very strongly RECOMMENDED</strong> as we expect this to change to MUST in the future versions of Android. -Encryption MUST use AES with a key of 128-bits (or greater) and a mode designed +<p>If the device implementation supports a secure lock screen reporting "<code>true</code>" +for KeyguardManager.isDeviceSecure() +[<a href="http://developer.android.com/reference/android/app/KeyguardManager.html#isDeviceSecure()">Resources, XX</a>], +and is not a device with restricted memory as reported through the +ActivityManager.isLowRamDevice() method, then the device MUST support full-disk encryption +[<a href="http://source.android.com/devices/tech/security/encryption/index.html">Resources, 107</a>] +of the application private data (/data partition), as well as the application +shared storage partition (/sdcard partition) if it is a permanent, non-removable +part of the device.</p> + +<p>For device implementations supporting full-disk encryption and with Advanced +Encryption Standard (AES) crypto performance above 50MiB/sec, the full-disk +encryption MUST be enabled by default at the time the user has completed the out-of-box +setup experience. 
If a device implementation is already launched on an earlier Android +version with full-disk encryption disabled by default, such a device cannot +meet the requirement through a system software update and thus MAY be exempted.</p> + +<p>Encryption MUST use AES with a key of 128-bits (or greater) and a mode designed for storage (for example, AES-XTS, AES-CBC-ESSIV). The encryption key MUST NOT be written to storage at any time without being encrypted. Other than when in active use, the encryption key SHOULD be AES encrypted with the lockscreen |
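Review bot: The default-on requirement in the second added paragraph is conditioned on "AES crypto performance above 50MiB/sec", but nothing in the hunk says how that figure is measured (cipher mode, key size, buffer size, or which benchmark), so the MUST cannot be tested consistently across implementations; suggest naming the measurement method or citing a defined test next to the threshold. In the first added paragraph the citation for KeyguardManager.isDeviceSecure() is still the placeholder "Resources, XX" and needs a real reference number with a matching entry in the resources list. The exemption sentence ("such a device cannot meet the requirement through a system software update and thus MAY be exempted") should also state that it applies only to the enabled-by-default requirement, since "the requirement" could be read as covering the MUST support full-disk encryption clause in the preceding paragraph as well.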