On 14 January 2015 at 01:53, Hans-Christoph Steiner <[email protected]> wrote: > As for techniques for better managing a password without having the user enter > one, that I haven't looked deep into because I believe it is ultimately > futile. If the user does not need to enter the password to unlock something, > neither will anyone else. > > One minor improvement would be using a hardware security module (HSM) to > manage the password in this kind of setup. As far as I understand how they > are implemented in smartphones, a forensic data acquisition would not be able > to get the keys out of the HSM. So then the actual device would be required > in order to unlock the encryption.
This line of research is very interesting to me. I'm not 100% certain I know what you mean by using an HSM though. I guess you mean similar to iPhone, where there is a Secure Element on the phone that performs crypto operations with a key, and therefore you must query that element then performing brute force attacks to decrypt data? It's a step up, certainly, but ultimately the security relies on the password itself. And for mobile phones I think we need to find a solution that gives adequate security when using 4 digit PINs and Swipes. Anything else... it's tough to get people to adopt. My main idea for this is use a SIM or other UUIC with a JavaCard applet. You enter a 4-digit pin (so simple, so easy!) and if correct, the JavaCard applet releases a symmetric key (or key material or asymmetric private key or whatever) that the app uses and keeps in memory. If you enter the wrong pin 5 times in a 5 minute window (or however you implement it) - the symmetric key is wiped. This prevents fast brute forcing and instead resolves to very slow, careful brute forcing which you can mathematically choose to limit at your discretion - or really good guessing. Requires: Ability to load a JavaCard applet to a UUIC, APIs in Android to do so, a SIM that lets you load stuff. OpenCard is a new mechanism that, combined with SEEK for Android, might make this a possibility if you jump through hoops with your ROM. This is a problem businesses grapple with too. The right combination of players might be able to effect change here. -tom _______________________________________________ Guardian-dev mailing list Post: [email protected] List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To Unsubscribe Send email to: [email protected] Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/archive%40mail-archive.com You are subscribed as: [email protected]
