2

I'm working on the topic on how to securely store sensitive data on an Android device. Of course there's no 100% secure method, I'd like to get as secure as possible.

I've read through the official recommendations.

Just as an example, I have an app that stores text (e.g. private diary). The text is stored in an xml file, which is encrypted (aes256) with a key, that is stored in the Android KeyStore.

This should mean that the data is stored securely in the encrypted xml file. A root user can still access the key from the KeyStore and decrypt it, or fetch the data once its decrypted by the app.

However, this also means that every app uses the same key. So I can install the app on my phone and use my key to decrypt xml diary files from other phones.

The question is, how do I create a key or at least the salt, that is unique per app installation?

Phantômaxx
  • 36,442
  • 21
  • 78
  • 108
GarlicCheese
  • 31
  • 3
  • from your link: *"Use existing cryptographic algorithms, such as the implementations of AES and RSA provided in the Cipher class."*. They will create unique keys. – Skandix Nov 07 '18 at 11:40

1 Answers1

1

The Key Derivation Function KFSs are just for this

From the Wikipedia;

In cryptography, a key derivation function (KDF) derives one or more secret keys from a secret value such as a master key, a password, or a passphrase using a pseudorandom function.

You can use Argon2 was the winner of Password Hashing Competition.

Choose the IMEI number as one of the parameters, the user's password and a random number from the phone.

kelalaka
  • 4,046
  • 4
  • 22
  • 39
  • 1
    to get IMEI you need some rights. Maybe also good tip is to use: android.os.Build.MODEL; or other – Dawid Drozd Nov 07 '18 at 12:19
  • Thank you for the suggestion. Wouldn't it be more reasonable to use a completely random value (i.e. Generate a random AES key using into Android Keystore)? – GarlicCheese Nov 07 '18 at 13:50
  • [Android Keystore](https://developer.android.com/training/articles/keystore#SupportedKeyGenerators) uses AES and HMAC-SHA series; read [this answer(https://crypto.stackexchange.com/a/54587/61539), now upto you – kelalaka Nov 07 '18 at 20:08