Google Pixel's TrustZone: a System-wide Approach to Security

Released this fall, the Pixel phones by Google usher in a new era of Android where Google can exercise Apple-like control over its ecosystem. For a while now, Google has required OEMs to enable encryption by default as long as the hardware meets a certain performance standard. But with the Pixel, Google introduced a new cryptographic engine with the Snapdragon 821 that enables Android 7.0's new file-based encryption.

The Pixel phones are encrypted by default, which means that customers don't even have to think about it. A prominent security feature of Android Nougat is file-based encryption (FBE). File-based encryption implies that each file gets encrypted with a different key, and the keys can be unlocked independently of one another. FBE also differentiates between device encrypted (DE) data and credential encrypted (CE) data.

Nougat also combines the unlock and decrypt screens, which means there is one less step to unlocking your encrypted phone. Apps like alarm clocks, accessibility settings, and phone calls are immediately available after the phone reboots.

The system-wide security technology used on Pixel phones is TrustZone. TrustZone is a hardware-based feature on ARM processors, like the new Snapdragon 821. Starting with Nougat, all disk encryption keys are stored encrypted using TrustZone. It secures the data in two ways:

1. TrustZone enforces the Verified Boot process. If TrustZone detects that the operating system has been modified, it won't decrypt disk encryption keys; this helps to secure device encrypted (DE) data.
2. TrustZone enforces a waiting period between guesses at the user credential, which gets longer after a sequence of wrong guesses. With 1624 valid four-point patterns and TrustZone's ever-growing waiting period, trying all patterns would take more than four years. This improves security for all users, especially those who have a shorter and more easily guessed pattern, PIN, or password.
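
To see what the escalating waiting period buys, here is an added example (not Google's or Pixel's code) that models a throttle of this kind and totals the worst-case time to exhaust the 1624 valid four-point patterns. The delay schedule is an assumption modelled on the AOSP software Gatekeeper reference implementation (30-second penalties escalating to a full day after 140 failures); Pixel's TrustZone implementation is not shown on this page and may use a different schedule.

```python
# Added example: models an escalating retry throttle of the kind the article
# describes and totals how long an exhaustive search of a credential space
# takes against it. The schedule below is an ASSUMPTION modelled on the AOSP
# software Gatekeeper reference; the Pixel's TrustZone implementation may differ.

DAY_MS = 24 * 60 * 60 * 1000
SHORT_MS = 30_000  # 30-second penalty


def retry_timeout_ms(failure_counter: int) -> int:
    """Delay imposed before the next guess, given the failures so far."""
    if failure_counter == 0:
        return 0
    if failure_counter <= 10:
        # Early on: a 30 s pause every fifth failure.
        return SHORT_MS if failure_counter % 5 == 0 else 0
    if failure_counter < 30:
        # Then: a 30 s pause after every failure.
        return SHORT_MS
    if failure_counter < 140:
        # Then: a 30 s pause every tenth failure.
        return SHORT_MS if failure_counter % 10 == 0 else 0
    # Past 140 failures: a full day between guesses.
    return DAY_MS


def exhaustive_search_ms(space_size: int, per_guess_ms: int = 0) -> int:
    """Worst case: the correct credential is the last one tried.

    Guess k is preceded by the delay earned by the k-1 failures before it,
    so the delays for failure counts 0 .. space_size-1 are summed.
    """
    total = 0
    for failures in range(space_size):
        total += retry_timeout_ms(failures) + per_guess_ms
    return total


def ms_to_years(ms: int) -> float:
    return ms / (DAY_MS * 365.25)


if __name__ == "__main__":
    VALID_FOUR_POINT_PATTERNS = 1624  # figure quoted in the article
    total = exhaustive_search_ms(VALID_FOUR_POINT_PATTERNS)
    print(f"throttled: {total // DAY_MS} days ({ms_to_years(total):.2f} years)")
    # Without a throttle the same search is bounded only by entry speed:
    untrottled = exhaustive_search_ms(VALID_FOUR_POINT_PATTERNS, per_guess_ms=1000)
    print(f"no throttle at 1 s per guess: {untrottled / 60000:.1f} minutes")
```

Under this schedule almost all of the cost comes from the one-day delays after the 140th failure, which is why a longer credential helps less than a throttle that is enforced in hardware rather than by the (modifiable) OS.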


Additionally, the Snapdragon 821 lets the phones write encrypted data at line speed to the flash memory. To accomplish this, the Android team modified ext4 encryption so that it could use the specialized hardware. The team added an essential reference to the bio structure (the basic container for block I/O in the Linux kernel). The inline encryption block driver was modified to pass this along to the hardware.

So what does all of this mean? It means that, thanks to Google's new encryption-by-default mantra, user data on the Pixel is safer than on its Nexus counterparts. How much safer? Only time will tell, but advanced users and cryptographers can take a look at the source code for the Pixel kernel.
