applications – How does Android’s FBE store each key used to encrypt each corresponding file?

I am very new to Android’s FBE and still learning the basics.

From what I could understand, the way FBE works is that for each file to be stored on the disk, the kernel requests for a key from some secure hardware logic. The kernel then assigns this key to the file to be encrypted and is then stored on the disk. When that file is read from the disk in future, the kernel will use the same key to decrypt it. 

  1. Since there are multiple files that use multiple keys, who keeps track of the key used to encrypt each file?
  2. Are these details stored in some secure non-volatile memory? If the device is reboot, and the keys removed from RAM, how is this information mapped again?
  3. If some files are deleted on the disk, do the keys get re-used?

foreign key – PostgreSQL Generate create Forging keys from information schema or pg_constraint

Recently on a testing infra, to restore multiple tables(via copy command) I dropped all the foreign keys.
I have restored this database schema dump into a different database before dropping the FK.

Is there any way that I can generate the create FK from information schema or pg_constraint?

I tried to get it from dump file, but the create table statement itself having the FK(not an Alter table statement).

Any suggestions?

keyboard – Should I use the name “Enter” or “Return” key?

To be frank, only a selected few are aware that the Enter and Return keys are not the same – whether you refer to it as Enter or Return, users will press either buttons (if they have both buttons). This is due to the fact that on very few software products the Enter and Return keys do different things (Avid’s Pro Tools is the only example I can give).

My own experience is that Enter is a more popular name; “Press the return key” sounds odd, while “Press Enter” sounds natural. I fail to see anyone to whom you’ll say “Press Enter” going “Hu?”, while I can imagine this happening if you’ll say “Press Return”. But that’s just me and based on my own subjective experience; perhaps in Norway they use Return more than Enter. However, as you said, a search for “Press Enter” on Google yields 15 million results, while “Press Return” yields less than a million.

If I had been you I wouldn’t worry about it so much and use Enter.


Trivia

The term Return is a shorthand for Carriage Return.

Originally, the term carriage return referred to a mechanism or lever on a typewriter. It was used after typing a line of text and caused the assembly holding the paper (the carriage) to return to the right so that the machine was ready to type again on the left-hand side of the paper.

Source: Wikipedia.

Apple T2 chip endorsement key

Does Apple’s T2 chip have an endorsement key (or equivalent mechanism) to prove that another T2 key can only be used inside the secure enclave? We are looking for something like what a TPM provides so that a remote system can be assured that the key in use is secured by the T2 chip.

filevault – Is there a Recovery Key for encrypted external drives?

The short answer is no.

When you use FileVault, you are encrypting the entire boot volume, not just a single volume or folder.

If you’re looking for something where you can encrypt a removable volume (i.e. USB drive), take a look at VeraCrypt where it allows you to have both password and keyfile authentication. It’s also cross platform which is definitely a plus.

bip 32 hd wallets – Is there a simpler form of BIP32-like key derivation?

I’ve read about BIP32 key derivation functions, and also:

Any Elliptic Curve could work in the BIP32 scheme. The only property
of a Curve that BIP32 relies on is that a * G + b *G = (a + b mod N) *
G, which is true for any Elliptic Curve.

(from Is BIP 32 Technology Cryptographic Curve Agnostic?.)

Are there simpler forms of weak-child-only key derivations? (I’m guessing that the HMAC, splitting and concatenation is unneeded for a simpler/weaker scheme. Such a scheme would just have a large number of weak children and no layers/tree.)

Is a simpler scheme possible? (I’m asking about cryptography generally, not whether it’s a good idea for Bitcoin.)