1 | initial version | posted 2013-12-26 23:45:31 +0200 |
Related to requests like https://together.jolla.com/question/2158/optional-encryption-of-the-device/ I would suggest saving the encryption keys inside the SIM card.
The boot and mount process should be like this:
1. Automatically boot up until the SIM card is ready
2. Ask the user for the SIM card PIN, then open the SIM card
3. Retrieve the encryption key from SIM card memory and mount the user's home folder
4. Continue startup until the "start screen"
The SIM card is designed to be hard to crack both by software and physically. The PIN/PUK-code system protects from brute force attacks. The phone OS parts should stay unencrypted (they shouldn't contain any sensitive user data anyway) and the phone should be able to boot up until the SIM card needs to be opened without asking the user for any encryption keys. Then all the user ever needs to know and enter is the phone SIM card PIN, which they need to remember anyway.
This way double/triple PINs and lock screens could be avoided. The SIM card PIN code could be kept in memory and reused as the lock screen PIN.
4 | No.4 Revision |
EDIT - more details:
If the SIM card is missing, or if the key cannot be found on the SIM card, or the key is found but does not work, the UI should simply say: "Unable to retrieve user data encryption key from SIM card. Please power off, check that SIM card is in place and is the same as used when encryption was activated, or is one that has had the encryption key exported to."
Then maybe behind some "More information" button: If you have lost the encryption key or if you want to discard all user data and reset encryption, choose the "Reset home folder and lose data" option from the pulley menu.
Naturally in Settings there should be the option to export the key as a file/string somewhere, and some tools to import the key from file X into the SIM card. There should also be at first boot a warning like "If you lose your SIM card, data will also be lost. Please back up the encryption key in Settings > Encryption" etc.
I think that much of the UI logic of how eCryptfs works in Ubuntu could be followed to get a simple-to-use yet fully featured solution.
Using a PIN-protected SIM card as key storage is almost like using proper smart card solutions and it would be definitely unlike.
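The boot steps from the initial version of the post (wait for SIM, ask PIN, read key, mount home) and the failure handling and key export/import from the "more details" edit, as one runnable simulation. This is an added example, not code from the post or from Sailfish OS. The SimCard class is an assumed stand-in for a real SIM (a record readable only after PIN verification, three PIN attempts and then PUK), HomeVolume stands in for the encrypted home partition and only stores an HMAC verifier of its key (the actual data encryption, e.g. by dm-crypt or eCryptfs, is out of scope), and the record name "home.key" and the verifier label are made up for the example.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Callable, Optional

KEY_RECORD = "home.key"                     # hypothetical name of the SIM record holding the key
KEYCHECK_LABEL = b"sailfish-home-keycheck"  # constructed label; HMAC over it is the key verifier
PIN_RETRIES = 3                             # usual SIM behaviour: 3 PIN attempts, then PUK

# Message proposed in the post for the no-SIM / wrong-SIM / no-key case.
SIM_ERROR = ("Unable to retrieve user data encryption key from SIM card. Please power off, "
             "check that SIM card is in place and is the same as used when encryption was "
             "activated, or is one that has had the encryption key exported to.")


class PinRequired(Exception):
    """PIN not verified or rejected; the message says how many attempts are left."""


class SimBlocked(Exception):
    """PIN retry counter exhausted; only the PUK can unblock the card."""


@dataclass
class SimCard:
    """Stand-in for a SIM: records are readable only after PIN verification."""
    pin: str
    puk: str
    pin_retries: int = PIN_RETRIES
    puk_retries: int = 10
    records: dict = field(default_factory=dict)
    unlocked: bool = False

    def power_cycle(self) -> None:
        self.unlocked = False               # every reboot requires the PIN again

    def verify_pin(self, pin: str) -> None:
        if self.pin_retries == 0:
            raise SimBlocked("SIM blocked, enter PUK")
        if not hmac.compare_digest(pin.encode(), self.pin.encode()):
            self.pin_retries -= 1
            if self.pin_retries == 0:
                raise SimBlocked("SIM blocked, enter PUK")
            raise PinRequired(f"Wrong PIN, {self.pin_retries} attempts left")
        self.pin_retries = PIN_RETRIES      # a correct PIN resets the counter
        self.unlocked = True

    def unblock(self, puk: str, new_pin: str) -> None:
        if self.puk_retries == 0:
            raise SimBlocked("SIM permanently blocked")
        if not hmac.compare_digest(puk.encode(), self.puk.encode()):
            self.puk_retries -= 1
            raise SimBlocked(f"Wrong PUK, {self.puk_retries} attempts left")
        self.pin, self.pin_retries, self.unlocked = new_pin, PIN_RETRIES, True

    def read(self, name: str) -> Optional[bytes]:
        if not self.unlocked:
            raise PinRequired("PIN not verified")
        return self.records.get(name)

    def write(self, name: str, data: bytes) -> None:
        if not self.unlocked:
            raise PinRequired("PIN not verified")
        self.records[name] = data


@dataclass
class HomeVolume:
    """Stand-in for the encrypted home partition: holds only a verifier of its key."""
    key_check: bytes
    mounted: bool = False


def compute_key_check(key: bytes) -> bytes:
    return hmac.new(key, KEYCHECK_LABEL, hashlib.sha256).digest()


def enable_encryption(sim: SimCard, pin: str) -> HomeVolume:
    """First-time setup: generate a random home key and store it on the SIM."""
    sim.verify_pin(pin)
    key = secrets.token_bytes(32)
    sim.write(KEY_RECORD, key)
    return HomeVolume(key_check=compute_key_check(key))


def export_key(sim: SimCard, pin: str) -> str:
    """Settings > Encryption: back the key up as a string (to be kept secret)."""
    sim.verify_pin(pin)
    key = sim.read(KEY_RECORD)
    if key is None:
        raise LookupError("no encryption key on this SIM")
    return key.hex()


def import_key(sim: SimCard, pin: str, exported: str) -> None:
    """Load a backed-up key into a replacement SIM."""
    sim.verify_pin(pin)
    sim.write(KEY_RECORD, bytes.fromhex(exported))


def boot(sim: Optional[SimCard], home: HomeVolume, ask_pin: Callable[[str], str]) -> str:
    """Steps 1-4 of the proposal. Returns "start screen" or the message to show the user."""
    if sim is None:                         # 1. unencrypted OS is up; SIM must be present
        return SIM_ERROR
    prompt = "Enter SIM PIN"                # 2. ask for the PIN until accepted or blocked
    while True:
        try:
            sim.verify_pin(ask_pin(prompt))
            break
        except PinRequired as exc:
            prompt = str(exc)
        except SimBlocked as exc:
            return str(exc)
    key = sim.read(KEY_RECORD)              # 3. read the key and verify it before mounting,
    if key is None or not hmac.compare_digest(compute_key_check(key), home.key_check):
        return SIM_ERROR                    #    so a wrong SIM gives the error text, not a mount failure
    home.mounted = True
    return "start screen"                   # 4. one PIN entry has unlocked both SIM and home


def scripted_pins(*pins: str) -> Callable[[str], str]:
    """Replaces the PIN dialog: answers each prompt with the next scripted PIN."""
    answers = iter(pins)
    return lambda prompt: next(answers)
```

The verifier check in step 3 is what makes the "same SIM as used when encryption was activated, or one the key was exported to" wording in the error message true in practice: a SIM that answers the PIN but carries a different or missing key is rejected before anything is mounted, and a blocked card surfaces the PUK prompt instead of the generic error.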