ANALYSIS OF TECHNICAL FEATURES OF DATA ENCRYPTION IMPLEMENTATION ON SD CARDS IN THE ANDROID SYSTEM

Authors

Leila Rzayeva Astana IT University, Kazakhstan https://orcid.org/0000-0002-3382-4685
Abulkhair Imanberdi Astana IT University, Kazakhstan https://orcid.org/0009-0005-6144-2392
Ivan Opirskyy Lviv Polytechnic National University, Ukraine https://orcid.org/0000-0002-8461-8996
Oleh Harasymchuk Lviv Polytechnic National University, Ukraine https://orcid.org/0000-0002-8742-8872
Gulnara Abitova Astana IT University, Kazakhstan https://orcid.org/0000-0003-3830-6905

DOI:

Keywords:

encryption mechanisms, data encryption, file-based encryption (FBE), full-disk encryption (FDE), information security, encryption algorithms, data protection, android operating system, SD cards

Abstract

This article provides a detailed analysis of data encryption mechanisms for removable storage devices in the Android operating system. Two main information protection technologies are examined: file-based encryption when using an SD card as portable storage and full-disk encryption when using a memory card as an extension of the device's internal storage (Adoptable Storage). The technical implementation features of each method are investigated, including the encryption algorithms used, the structure of encrypted data, and key storage mechanisms. The research was conducted using Sony Xperia XZ and Xiaomi Redmi 5 Plus devices, employing tools for working with file systems and encryption based on Linux and Android. The analysis has established that full-disk encryption is utilized the dm-crypt kernel module in plain mode with AES-256-CBC-ESSIV:SHA256 cipher. The partition encryption key is stored in the device's internal memory. File-based encryption employs the eCryptFS kernel module. The file structure includes information about the original file size, format marker, flags, number of extents, their size, and the encryption key. Comparative analysis has shown that Adoptable Storage mode provides more comprehensive data protection through full-disk encryption, while Portable Storage mode with file-based encryption offers greater flexibility in use but may be less secure due to the possibility of analyzing the file system structure and file metadata. Research has revealed the implementation of encryption mechanisms depends on the device manufacturer and Android operating system version. The research findings have practical significance for understanding the level of data protection using different modes of removable storage operation in the Android system and are useful for both developers and information security specialists, as well as ordinary users.

Author Biographies

Leila Rzayeva, Astana IT University, Kazakhstan

PhD, Associated Professor, Deputy of Head of the Department of Intelligent Systems and Cybersecurity

Abulkhair Imanberdi, Astana IT University, Kazakhstan

Master of Science, Team Lead of State Technical Service JSC, CTF-Trainer

Ivan Opirskyy, Lviv Polytechnic National University, Ukraine

Doctor of Technical Sciences, Professor, Head of the Department of Information Protection

Oleh Harasymchuk, Lviv Polytechnic National University, Ukraine

PhD., Associate Professor of the Department of Information Security

Gulnara Abitova, Astana IT University, Kazakhstan

PhD, High-Researcher, Associated Professor of the Department of Intelligent Systems and Cybersecurity

References

Bhat, P., & Dutta, K. (2019). A survey on various threats and current state of security in Android platform. ACM Computing Surveys (CSUR), 52(1), 1-35. https://doi.org/10.1145/3301285

Wei, F., Roy, S., Ou, X., & Robby. (2018). Amandroid: A precise and general inter-component data flow analysis framework for security vetting of android apps. ACM Transactions on Privacy and Security (TOPS), 21(3), 1-32. https://doi.org/10.1145/3183575

Nurse, J. R., Creese, S., & De Roure, D. (2017). Security risk assessment in Internet of Things systems. IT professional, 19(5), 20-26. https://doi.org/10.1109/MITP.2017.3680959

Scrivens, N., & Lin, X. (2017, May). Android digital forensics: data, extraction and analysis. In Proceedings of the ACM Turing 50th Celebration Conference-China (pp. 1-10). https://doi.org/10.1145/3063955.3063981

Tam, K., Feizollah, A., Anuar, N. B., Salleh, R., & Cavallaro, L. (2017). The evolution of android malware and android analysis techniques. ACM Computing Surveys (CSUR), 49(4), 1-41.

Yang, L., Wei, T., Zhang, F., & Ma, J. (2018). SADUS: Secure data deletion in user space for mobile devices. computers & security, 77, 612-626. https://doi.org/10.1016/j.cose.2018.05.013

Android Open-Source Project. Traditional storage | Android Open-Source Project. Android Open-Source Project. URL: https://source.android.com/docs/core/storage/traditional

Android Open-Source Project. Adoptable storage | Android Open-Source Project. Android Open-Source Project. URL: https://source.android.com/docs/core/storage/adoptable

What happened to Android’s adopted storage option that allowed you to mount the SD card as internal storage space? My S10 Plus had an upgrade to Android 12 and I can't find it anywhere. Quora. URL: https://www.quora.com/What-happened-to-Android-s-adopted-storage-option-that-allowed-you-to-mount-the-SD-card-as-internal-storage-space-My-S10-Plus-had-an-upgrade-to-Android-12-and-I-cant-find-it-anywhere

Linux Kernel Organization, Inc. (n.d.-c). WHAT IS Flash-Friendly File System (F2FS)? The Linux Kernel Documentation. URL: https://docs.kernel.org/filesystems/f2fs.html

Linux Kernel Organization, Inc. (n.d.-b). ext4 data structures and algorithms. The Linux Kernel Documentation. URL: https://docs.kernel.org/filesystems/ext4/index.html

Kirkland D. eCryptfs. eCryptfs. URL: https://www.ecryptfs.org/

Euresys s.a. (n.d.). eCryptfs header. Euresys Documentation. URL: https://documentation.euresys.com/Products/PICOLO_NET_HD1/PICOLO_NET_HD1/en-us/Content/encrypted-media-storage/ecryptfs-header.htm

Halcrow, M. A. (2005, July). eCryptfs: An enterprise-class encrypted filesystem for Linux. In Proceedings of the 2005 Linux Symposium (Vol. 1, pp. 201-218). URL: https://www.kernel.org/doc/mirror/ols2005v1.pdf#page=209

Linux Kernel Organization, Inc. (n.d.-a). Encrypted keys for the eCryptfs filesystem. The Linux Kernel Archives. URL: https://www.kernel.org/doc/html/v4.17/security/keys/ecryptfs.html

Kaaniche, N., Laurent, M., & Belguith, S. (2020). Privacy enhancing technologies for solving the privacy-personalization paradox: Taxonomy and survey. Journal of Network and Computer Applications, 171, Article 102807. https://doi.org/10.1016/j.jnca.2020.102807

Cryptsetup / cryptsetup · GitLab. GitLab. URL: https://gitlab.com/cryptsetup/cryptsetup

Kerrisk M. dmsetup(8) - Linux manual page. URL: https://man7.org/linux/man-pages/man8/dmsetup.8.html

Demir, L., Thiery, M., Roca, V., Tenkes, J., & Roch, J. (2020). Optimizing dm-crypt for XTS-AES: Getting the best of Atmel cryptographic co-processors. In Proceedings of the 17th International Joint Conference on e-Business and Telecommunications (ICETE 2020) – SECRYPT (Vol. 1, pp. 263–270). SCITEPRESS – Science and Technology Publications. https://doi.org/10.5220/0009767802630270

Anton Dănuț, S., & Simion, E. (2019). Linux Unified Key Setup (LUKS) - The good, the bad, the ugly. In 2018 10th International Conference on Electronics, Computers and Artificial Intelligence (ECAI). https://doi.org/10.1109/ECAI.2018.8678978

PO David. How to decrypt and split adopted storage?. XDA Developers. URL: https://xdaforums.com/t/how-to-decrypt-and-split-adopted-storage.3383666/

Chang, K.-C., Teng, Y.-T., & Chin, W.-L. (2023). High-throughput CBC mode crypto circuit. Electrical Science & Engineering, 5, 20–30. https://doi.org/10.30564/ese.v5i1.5636

Alimzhanova, Z., Skublewska-Paszkowska, M., & Nazarbayev, D. (2023). The periodicity detection of the substitution box in the CBC mode: Experiment and study. IEEE Access. https://doi.org/10.1109/ACCESS.2023.3295909

Severo, V., Ferreira, F., Spencer, R., Nascimento, A., & Madeiro, F. (2024). On the initialization of swarm intelligence algorithms for vector quantization codebook design. Sensors, 24(8), Article 2606. https://doi.org/10.3390/s24082606

Fesenko, A. (2024). Cryptanalysis of Strumok cipher initialization. Tatra Mountains Mathematical Publications. https://doi.org/10.2478/tmmp-2024-0009

Downloads

Published

2025-03-30

How to Cite

Rzayeva, L., Imanberdi, A., Opirskyy, I., Harasymchuk, O., & Abitova, G. (2025). ANALYSIS OF TECHNICAL FEATURES OF DATA ENCRYPTION IMPLEMENTATION ON SD CARDS IN THE ANDROID SYSTEM. Scientific Journal of Astana IT University, 21, 157–171. https://doi.org/10.37943/21LMQF2486

Download Citation

Issue

2025: Volume 21

Section

Information Technologies

License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

Authors who publish a manuscript in this journal agree to the following terms:

The authors reserve the right to authorship of their work and transfer to the journal the right of first publication under the terms of the Creative Commons Attribution License, which allows others to freely distribute the published work with a mandatory link to the the original work and the first publication of the work in this journal.
Authors have the right to conclude independent additional agreements that relate to the non-exclusive distribution of the work in the form in which it was published by this journal (for example, to post the work in the electronic repository of the institution or publish as part of a monograph), providing the link to the first publication of the work in this journal.
Other terms stated in the Copyright Agreement.