On Wed 2016-03-23 15:27:06 -0400, Tom Ritter wrote:
> The strategy I want to see someone POC is using secure enclaves for
> this. Either SIM cards (specifically a dual-SIM phone combined with
> SEEK for Android) or Android's new 'Trusty' API. Write a javacard or
> whatever 'applet' that lives in the Secure Enclave. It enforces '10
> wrong attempts, and I delete the key'. This mimics iOS's Secure
> Enclave but now we have it on a per-app basis.
In this case, the enforcement needs to be done inside an applet that
cannot be backed up and restored, right? Does a SIM card meet that
promise? (disclaimer: i know nothing about SIM cards, feel free to
point me at the relevant reading)
--dkg
_______________________________________________
Messaging mailing list
[email protected]
https://moderncrypto.org/mailman/listinfo/messaging
