We have moved to a new Sailfish OS Forum. Please start new discussions there.
22

Save encryption keys on SIM card (e.g. draft SMS)

asked 2013-12-26 23:45:31 +0200

otto gravatar image

updated 2013-12-27 14:46:43 +0200

Related to requests like https://together.jolla.com/question/2158/optional-encryption-of-the-device/ I would suggest to save the encryption keys inside the SIM card.

The boot and mount process should be like this:

  1. Automatically boot up and until SIM card is ready
  2. Ask user for SIM card pin, then open SIM card
  3. Retrieve encryption key from SIM card memory and mount the user's home folder
  4. Continue startup until "start screen"

The SIM card is designed to be hard to crack both by software and physically. The PIN/PUK-code system protects from brute force attacks. The phone OS parts should stay unencrypted (they shouldn't anyway contain any sensitive user data) and the phone should be able to boot up and until the SIM card needs to be opened without asking the user for any encryption keys. Then all the user ever needs to know and enter is the phone SIM card PIN, which they anyway need to remember.

This way double/triple PINs and lock screens could be avoided. The SIM card PIN code could be kept in memory and reused for lock screen PIN.

EDIT - more details:

If the SIM card is missing or if the key cannot be found from the SIM card, or key is found but it does not work, the UI should simply say that "Unable to retrieve user data encryption key from SIM card. Please power off, check that SIM card is in place and is the same as used when encryption was activated, or is one that has had the encryption key exported to."

Then maybe behind some "More information" button: If you have lost the encryption key or if you want to discard all user data and reset encryption, press choose Reset home folder and loose data -option from pulley menu.

Naturally in Settings there should be the option to export the key as file/string somewhere, and some tools to import key from file X into SIM card. There should also be at first boot a warning like "If you loose your SIM card data will also be lost. Please back up encryption key in Settings > Encryption" etc.

I think that much of the UI logic of how eCryptFS works in Ubuntu could be followed to get a simple to use yet fully featured solution.

Using PIN protected SIM card as key storage is almost like using proper smart card solutions and it would be definately unlike.

edit retag flag offensive close delete

Comments

1

What should happen if you change the SIM card?

hardcodes.de ( 2013-12-26 23:52:37 +0200 )edit

@hardcodes.de The UI should simply say that "Unable to retrieve user data encryption key from SIM card. Please power off, check that SIM card is in place and is the same as used when encryption was activated, or is one that has had the encryption key exported to."

otto ( 2013-12-27 00:59:59 +0200 )edit

2 Answers

Sort by » oldest newest most voted
1

answered 2016-02-07 10:01:15 +0200

dietmar gravatar image

I'm aware of an implementation in another product: This was offered commercially by a major mobile operator. Product was named Secure Data. It was designed to store all keys and certificates on the SIM. It was based on a customised SIM having extended memory in place (to answer the storage question). Due to the proprietary retrieval of data it was limited to special devices. AFAIK it is not marketed any more.

Question for encryption in Sailfish remains! I need encrypted mail to limit unintended transport surveillance. This should be of highest priority. Even mainstream leader Apple has understood!

edit flag offensive delete publish link more
0

answered 2013-12-27 04:11:13 +0200

llornkcor gravatar image

I don't know if you can store arbitrary information on the sim card, at least not through ofono.

As well, there is not all that much memory on sim cards, 128k at the most. Typically 32 or 64k.

edit flag offensive delete publish link more

Comments

If there is no better location, then just store the encryption key as a draft SMS (and make the SMS app ignore it so users won't accidentally mess it up). The 160 characters is plenty enough to work as a master encryption key.

otto ( 2013-12-27 14:43:46 +0200 )edit

32k should make for quite a good encryption key.

marsch ( 2014-01-23 14:50:09 +0200 )edit

Actually, one SMS is enough for encryption key. You have 140 characters, which gives you 1120 bits. In LUKS usually only 256 or 512 bits are used for keys.

koudi ( 2014-01-24 12:46:02 +0200 )edit

@koudi SMS is not necessarily stored as 8 bits per character. However, it still gives ample space for a few keys. Very interested in this idea.

javispedro ( 2014-01-24 19:58:32 +0200 )edit
Login/Signup to Answer

Question tools

Follow
6 followers

Stats

Asked: 2013-12-26 23:45:31 +0200

Seen: 1,280 times

Last updated: Feb 07 '16