Friday, January 2, 2009

Android G1 Encryption & Keystore Infrastructure

A group of us in collaboration between the Android Password Safe project and the Openintents project have implemented a cryptography service and a keystore service which other Android applications can use to keep data and passwords safe, in a way that's convenient for the end user.

Read all about about it on the wiki! Discussion, source code, pretty pictures are available.
Our system allows a single password, and periodic single sign-on so that all applications can encrypt, decrypt, and store keys using the same master password that the user enters once.

We hope other Android developers will read this and get excited and offer to help with implementation details, modify their applications to use our Intents, and help verify our cryptography implementation. We also want feedback on user experience, security permissions, and other such items :)

All the major features are implemented, but we do not yet have a release plan; we want to be sure that early adopters won't have any data that they'll never be able to decrypt :)
Read more.

No comments:

Post a Comment