Android - Does full device encryption protect my data from Google and the government?
Google has no idea what the encryption key for your device is. The entire process takes place on your device and the key is never transmitted anywhere. The key itself is also not stored in plaintext on your device:
Storing the encrypted key
The encrypted key is stored in the crypto metadata. Hardware backing is implemented by using Trusted Execution Environment’s (TEE) signing capability. Previously, we encrypted the master key with a key generated by applying scrypt to the user's password and the stored salt. In order to make the key resilient against off-box attacks, we extend this algorithm by signing the resultant key with a stored TEE key. The resultant signature is then turned into an appropriate length key by one more application of scrypt. This key is then used to encrypt and decrypt the master key.
So even if someone had a copy of your encrypted master key, they could not decrypt it without the TEE key from your device's SoC.
Therefore, outside of a flaw in the implementation, full device encryption will prevent anyone from accessing your data unless they know/obtain your password OR can guess your password (e.g., via brute-forcing it or some kind of social engineering technique). On devices that lack the necessary hardware-backing, FDE will attempt to encrypt the key using a software-only method.
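
The derivation quoted above (scrypt, then a TEE signature, then scrypt again) can be modelled to show why a copied crypto footer is not enough even with the correct password. This is an added example, not code from the answer or from Android. Assumptions: `SimulatedTEE` uses HMAC-SHA256 in place of the TEE's signing key, `wrap`/`unwrap` are a toy XOR-plus-tag stand-in for the cipher that protects the master key, the scrypt parameters are demo values, and all function names are hypothetical.

```python
import hashlib, hmac, os

SCRYPT = dict(n=2**12, r=8, p=1, dklen=32)  # demo cost parameters (assumption)

class SimulatedTEE:
    """Stand-in for the TEE: signs with a key that never leaves the object."""
    def __init__(self):
        self._key = os.urandom(32)

    def sign(self, data):
        return hmac.new(self._key, data, hashlib.sha256).digest()

def derive_kek(password, salt, tee=None):
    """scrypt(password, salt); with a TEE: sign the result, then scrypt again."""
    key = hashlib.scrypt(password, salt=salt, **SCRYPT)
    if tee is None:                      # software-only fallback
        return key
    return hashlib.scrypt(tee.sign(key), salt=salt, **SCRYPT)

def wrap(kek, master_key):
    """Toy wrap (XOR + HMAC tag) standing in for the real cipher."""
    ct = bytes(a ^ b for a, b in zip(master_key, kek))
    return ct, hmac.new(kek, ct, hashlib.sha256).digest()

def unwrap(kek, ct, tag):
    """Return the master key, or None if the KEK is wrong."""
    if not hmac.compare_digest(tag, hmac.new(kek, ct, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, kek))

def make_footer(password, master_key, tee=None):
    """Build the stored metadata: salt plus the wrapped master key."""
    salt = os.urandom(16)
    return {"salt": salt, "wrapped": wrap(derive_kek(password, salt, tee), master_key)}

def unlock(password, footer, tee=None):
    """Try to recover the master key from a footer, with or without the TEE."""
    return unwrap(derive_kek(password, footer["salt"], tee), *footer["wrapped"])

if __name__ == "__main__":
    tee, mk = SimulatedTEE(), os.urandom(16)   # constructed sample values
    hw = make_footer(b"correct horse", mk, tee)
    sw = make_footer(b"correct horse", mk)
    print("on device, right password:  ", unlock(b"correct horse", hw, tee) == mk)
    print("footer copy, right password:", unlock(b"correct horse", hw) == mk)
    print("software-only footer copy:  ", unlock(b"correct horse", sw) == mk)
```
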