Full-disk encryption performance in Librem 5


#1

As a privacy-focused phone, I would expect it will be full-disk encrypted by default. I would like to know: are there any tests of performance after encryption? Is it usable for day-to-day work?

I am not familiar with the i.MX series CPUs. After some Googling, i.MX 6 and 8 do not seem to have modules that directly support full-disk encryption, but they have a crypto module to speed up some operations in encryption. I am not sure if the Linux kernel has implemented support for those crypto modules.
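Whether the kernel would actually use a crypto engine for disk encryption, the open question in post #1, can be read from `/proc/crypto`: every implementation of an algorithm is registered with a priority, and callers such as dm-crypt get the highest-priority usable one. The following is an added example, not code from the thread or from Purism; it assumes the volume uses `xts(aes)` (the usual LUKS cipher), and the sample records are constructed, with illustrative driver names and priorities rather than values measured on a Librem 5.

```python
import os

# Constructed, abbreviated records in /proc/crypto format. Driver names and
# priorities are illustrative, not taken from a real Librem 5.
SAMPLE = """\
name         : xts(aes)
driver       : xts-aes-caam
priority     : 3000
selftest     : passed
async        : yes

name         : xts(aes)
driver       : xts-aes-ce
priority     : 300
selftest     : passed
async        : no

name         : xts(aes)
driver       : xts(ecb(aes-generic))
priority     : 100
selftest     : passed
async        : no
"""

def parse_proc_crypto(text):
    """Split blank-line separated records into dicts of field -> value."""
    entries = []
    for block in text.strip().split("\n\n"):
        pairs = (line.split(":", 1) for line in block.splitlines() if ":" in line)
        fields = {k.strip(): v.strip() for k, v in pairs}
        if "name" in fields:
            entries.append(fields)
    return entries

def ranked(text, alg="xts(aes)"):
    """Usable implementations of alg, highest priority first."""
    usable = [e for e in parse_proc_crypto(text)
              if e["name"] == alg and e.get("selftest") == "passed"
              and e.get("internal", "no") == "no"]  # skip failed/internal-only
    return sorted(usable, key=lambda e: int(e.get("priority", 0)), reverse=True)

def selected_driver(text, alg="xts(aes)"):
    # None means nothing usable is registered under that algorithm name.
    hits = ranked(text, alg)
    return hits[0]["driver"] if hits else None

if __name__ == "__main__":
    text = open("/proc/crypto").read() if os.path.exists("/proc/crypto") else SAMPLE
    for e in ranked(text):
        print(e["priority"], e["driver"], "async=" + e.get("async", "?"))
```

Run on the device itself, the first line printed is the implementation the disk encryption layer would get; if only a generic software driver is listed, no accelerated path is registered for that cipher.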


#2

i imagine that in the early versions of the librem 5 smartphone the battery life will suffer when using full disk encryption.

i would argue against making this a default and just leave it as an option when first fired up after unboxing.


#3

that would make it worse (security-wise) than a newish android phone. :confused:
I would expect a security-focused phone to have sane defaults.


#4

Phones need full disk encryption. Given that you are carrying them everywhere and they contain much PII, encryption is a must if we don’t want to leak our info everywhere.

However, if there is a major performance penalty, we should provide an option to turn it off. I still think encryption should be on by default to protect the majority of users.


#5

i wonder about that … since the librem 5 will have hardware kill switches that means it will be easier to control the leaking of information part-time when you sever the outside links. personally i wouldn’t store critical information on the storage of the phone anyway. maybe just some files that i absolutely have to have there in a temp folder that is encrypted on its own.

like i said full disk encryption will be too costly on the first revision of the phone we’ll see how it is 2020 onwards.


#6

If that’s the case, I would wait until full disk encryption is usable.

Librem 5 is one of the few phones tackling the problem of baseband in an acceptable way. It is a big plus, but not without full disk encryption. The attack vector on baseband is a MITM attack by some fake baseband tower, or your data sold by your provider. Both of them require some organization or individuals with sophistication either in terms of technology, finance or power, such as law enforcement, a 3 letter agency, some organized crime, or an advertisement agency. You are pretty powerless if you are facing the former two of them, but it is not likely that you as a law-abiding citizen are being directly targeted; rather, by immoral use of their power, by chance your details may be exposed. The same goes for advertisement firms, where they gather as much personal data as possible from every source. That’s a worrying concern but not large enough to change a phone since our data are being sold every day.

However, full disk encryption is different, it’s not about 3 letter agencies or advertisement firms, but day-to-day life. For example, if I go to a phone repair shop to repair my phone (though I am not sure whether a repair shop could repair a Librem phone), without full disk encryption, maybe, let’s say, my porn collection with my girlfriend will be exposed to the internet, due to a rogue technician :grinning:
It has actually happened that some celebrities’ personal collections were exposed due to a rogue technician, and became a scandal.

Another situation is when you are forced by law enforcement to hand over your phone. If no full disk encryption is in place, your personal data will be exposed at the worst time during prosecution. Maybe you did nothing wrong, but by trying to prove that you are innocent, you give up a device full of personal information, and law enforcement may interpret your data in their own way, which is most likely to be unfavorable to you. You want to expose that information to a lawyer before law enforcement so that you know what information you should give to law enforcement.

You may say an encrypted folder is enough, but the thing is you cannot be sure. Since there are cache and log files, you may not know the caches used by all the applications on your phone. You can only sleep well after losing your phone to someone else’s hands if there is full disk encryption and the phone is closed after several password entry attempts.

A new Android phone and iPhone will have full disk encryption. Though in Android, you cannot use a different key for the lock screen and encryption, which forces you to either use a weak key or have an unusable phone. It is possible to bypass this behavior with some hack, but it does not survive an update, which is not really ideal. Ironically, iPhone did the best job in terms of disk encryption, since the disk is encrypted by a passcode, with a different authentication to unlock the screen.

Now, if the first release cannot have a usable full disk encryption, I can wait, but at least don’t repeat the same mistake from Android where your encryption key is coupled with the lock screen password. I don’t think a normal GNU/Linux has this behavior, but this is just a reminder in case Purism takes a similar approach to disk encryption as Android.


#7

really i can’t speak for/or on behalf of Purism employees about what the final approach with the librem 5 will be … i only spoke out of common sense knowing that full disk encryption is battery expensive not only for the iPhone but for any smartphone device proprietary or non proprietary.

on another note … is keeping a personal porn collection with your girlfriend really something most people will want or casually do ? maybe it’s a way to self flagellate when you are older - looking at yourself when you were younger and more … potent

if you get caught by the authorities your phone is going to be the least of your worries.

just fyi about cache or caching - it’s really not that big of a deal since it’s quite easy to control IF you know what you’re doing but anyways i won’t insist since i sense your tin foil hat is bigger and heavier than mine.


#8

I know you are not representing Purism’s view. I am just trying to stress the importance of this feature in case they weren’t aware. The reason a person would be interested in a Librem 5 phone is either concern about privacy, interest in using a GNU/Linux phone, or usually both. So, maybe I am a little bit paranoid, but if I don’t buy a Librem phone, I am using some sub-optimal solution: my Android phone flashed with a custom ROM, and I don’t store any sensitive data on the phone since I don’t trust the phone. If I could trust the phone to protect me and not betray me, then I would be a happy customer and ditch my old phone.

Cache is not easy to control unless you seriously invest your time to investigate how each of your applications behaves and produces caches, meaning you have to be careful when you install a new application. Of course there are conventional locations for cache, but a convention is not necessarily followed. But after full disk encryption, you don’t have to investigate at all. Also, a common filesystem like ext4 has a journal leaving a trace of all your filenames and when you used them. It is important evidence if you are caught, since it leaks your messaging timing information.

By the way, the personal porn collection is just a little joke, but seriously I have already seen many young celebrities make this mistake in the hands of a rogue repair technician. :joy: I don’t understand why they think a phone is a safe place to store those things, and are happy to give an unencrypted phone into someone’s hands, but this is a common mistake by non-tech people anyway. I don’t personally do that, but it could mean any secret data, like your personal diary, your next billion dollar plan, or your investigation notes about some sensitive official if you are a journalist etc.


#9

How do you KNOW WHO i’m representing ? i just said that i can’t speak on their behalf that’s all. and what is Purism’s view exactly ?

are you a Journalist ? why do you call upon such ridiculous scenarios ? billion dollar plan my *** …

Moderator edit: please watch your language here.


#10

If it confuses you, I can clarify.

  1. I know you are not Purism’s representative nor employee. That’s what I meant, if the wording confuses you.
  2. They are just some silly examples of secret data; if you are not a fan of them, it’s okay. But I believe you do have some data you want to hide, otherwise you may not really be interested in a privacy-focused phone, right? Though my view is the opposite: any personal data should be hidden unless I am willing to disclose it, that’s why full disk encryption is useful to enforce this policy.

#11

actually no. i am not interested in a privacy-focused phone primarily. i am interested in using and supporting Libre Computing Devices first and foremost. the work being done here at purism is very important and yes they do state that they focus on privacy but they also have a bigger long term goal which is getting RYF certification by FSF. that is the big DEAL not privacy and security (they are important but secondary). people often seem to forget that.

also Librem 5 will be the grandfather of pocket PCs running full GNU+Linux distribution certified RYF devices.

if you want privacy and security and full disk encryption and what-not have a look at QubesOS. that is the daddy of privacy and security.

pureOS is just casual day-to-day floss for devices.


#12

I think we all agree here. Encryption should be optional. Debate over.


#13

Cool, as you have outlined, we have different expectations of the phone, and therefore cannot agree on this. No further discussion is required since we are different customers. We should accept the difference, and we do not need to agree with each other but can still hope Librem 5 succeeds. It is cool to use some real GNU/Linux tools on a phone instead of some handicapped replacement.

Just a side note, QubesOS is good, but still requires a modern Intel or AMD CPU in order to operate at a usable level. If someone wants a hardware backdoor free ARM computer with QubesOS, then they are out of luck. There is still a long way to go for a fast modern system with completely free hardware and software, but the laptop and desktop space is still significantly better than the walled garden in mobile devices.


#14

if you want privacy and security and full disk encryption and what-not have a look at QubesOS. that is the daddy of privacy and security.

Let’s briefly refer to the homepage of purism where it reads:

Librem 5 – A Security and Privacy Focused Phone

So if you want a privacy and security centered phone the Librem 5 is the way to go.
For a mobile device there is absolutely no sane reason to not have encryption on by default. The scenarios mentioned by uau7j7woi7 are valid scenarios and handing over an unencrypted phone to anyone (including return shipping, repair or even disposal) is grossly negligent. And even in the most basic scenario, full disk encryption (FDE) makes it easy and fast to securely wipe your disk.

However, the librem 5 being a libre phone, there’s also absolutely no reason why you should not be able to turn off FDE. Depending on how it is implemented there should either be a dialogue during the setup to decide on FDE (with encryption enabled by default!) and/or you should be able to turn it off at any point later on. The default should always be the secure (and sane) option though.

Regarding FDE in general: Good news it seems to be a focus of purism to support LUKS from day one:


#15

yes the main page refers specifically to librem 5 smartphone devices being focused primarily on privacy and security but as @uau7j7woi7 pointed out QubesOS not being adequate for mobile devices right now there could be no other option than PureOS.

but we derailed from the main title which is “full-disk-encryption-performance-in-librem-5”. the key word being PERFORMANCE.

so what exactly are we debating ?

people who are interested in having (default or not) full-disk-encryption in their librem 5 device should word out what they EXPECT in regard to PERFORMANCE

personally i would not have any device in my hand (encrypted or not encrypted default or not ) that will make my devices drain battery at unacceptable rates or hinder its performance in any noticeable way.

so what we have to actually start debating is what those acceptable rates are or what kind of performance penalty will we be prepared to accept in order for such default or non default encryption to occur on the device.

will you be ok with your phone dying on you in the middle of an important business call under standard work hours ? etc


#16

As far as acceptable performance penalty goes, I know something about this. I have been using Android for years. On my old Moto G and Moto X, I tried encryption but the phone would factory reset itself randomly. So, I turned it off.

I now have a Galaxy S5 and encryption noticeably slows down the phone and decreases battery life. I use it anyway because I value security.
As far as what is acceptable goes, different people will have different opinions and we want as many people using encryption as possible.


#17

In my experience, my Galaxy S4 has a very slow startup and decreased battery life after encryption, but the performance after startup is acceptable for me. Battery life is a concern, but charging in the company at work is okay for me, so it doesn’t really matter in my work day. It still survives for 8 hours idle, and web browsing for maybe 3 hours. For pure messaging, it is sufficient for me. If I use it for hiking and traveling, then maybe it is less than ideal, but you need a power bank anyway if you need the phone to survive long enough for a whole day using a map app with GPS turned on.


#18

clearly introducing the need for external power banks should be kept as a last measure.

  1. depending on how much the encryption engine works on each device you might need to recharge the internal battery more than once a day to make sure it doesn’t die.
  2. quality and fast charging external battery banks are expensive and the ones that offer higher capacity are bulky and heavy.
  3. assuming you have one that charges your device fast enough you introduce another problem - faster internal battery life degradation which leads to more expense - having a few spare internal batteries. also you need specialised hardware charging technology for fast charge. more cost added.

thus my suggestion on using encryption with discernment.


#19

to put fears to rest full disk encryption is in android already which means that puri.sm can follow roughly the same system (modified for pureOS) to ensure a decent level of encryption. ofc it will never be as secure as a desktop but then again anything ‘secure’ is encrypted more than once (my school uses three layers on their pupil ID servers). So just don’t store anything too important on there and all should be good.

https://source.android.com/security/encryption/full-disk


#20

@blendergeek pretty sure full disk encryption is a one-way road