5

Given that it is not possible to store a symmetric key using the Android KeyChain API, is the following a secure way to store a symmetric key:

Part One: Key Generation and Storage

  1. Generate symmetric_key
  2. Generate (private_key, public_key), store them in the KeyChain
  3. Encrypt the symmetric_key using the public_key as follows: encrypted_symmetric_key = public_encrypt(symmetric_key)
  4. Store encrypted_symmetric_key in local storage (SharedPreferences, SQLite, etc.)

Part Two: Using the symmetric_key

When the app wants to encrypt/decrypt something it:

  1. Loads the private_key into memory from the KeyChain
  2. Loads the encrypted_symmetric_key from disk
  3. Obtains symmetric_key := private_decrypt(encrypted_symmetric_key)
  4. encrypt(symmetric_key, some_message) or decrypt(symmetric_key, some_ciphertext)

Concerns:

  1. Would a rooted user be able to obtain the (private_key, public_key) pair?
  2. If the phone is not rooted, is the app that created the (private_key, public_key) pair the only user that can read the keypair?
  • The security depends on the Android version and if the device has a hardware or software keystore. Commented Feb 18, 2015 at 21:26

1 Answer

1

According to the documentation (https://developer.android.com/reference/android/security/KeyChain.html): The KeyChain class provides access to private keys and their corresponding certificate chains in credential storage.

Private key means that it's asymmetric (the private and public key are the two parts of an asymmetric key).

In your part 1 - you describe the preferred way to store a symmetric key on an Android device. Your part 2 is correct as well (at least to my knowledge).

As for your concerns - you are also correct. On a rooted device - the keys stored on the device are vulnerable, and can be obtained by a person with access to that device. On a non-rooted device - only the app will have access to the keys it creates.

In regard to rooting - you can use a root detection lib like RootShell (https://github.com/Stericson/RootShell) to detect if the device is rooted and then act accordingly (disable your app on that device or something similar) and you should also look into Google's SafetyNet (https://developer.android.com/training/safetynet/index.html) to detect if the device is tampered with (it detects rooting as well).
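
The wrap/unwrap flow from the question, sketched with the standard Java crypto API as an added example (not code from the question or the answer). Assumptions: RSA-OAEP for wrapping, AES-GCM for the data, and an in-memory RSA key pair standing in for the pair kept in credential storage; the class and method names are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;

public class WrappedKeyDemo {
    // Assumed algorithm choices; the question does not name any.
    static final String WRAP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    static final String DATA = "AES/GCM/NoPadding";

    // Part One, step 3: encrypted_symmetric_key = public_encrypt(symmetric_key)
    static byte[] wrap(PublicKey pub, SecretKey key) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(WRAP);
        c.init(Cipher.WRAP_MODE, pub);
        return c.wrap(key);
    }

    // Part Two, step 3: symmetric_key := private_decrypt(encrypted_symmetric_key)
    static SecretKey unwrap(PrivateKey priv, byte[] wrapped) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(WRAP);
        c.init(Cipher.UNWRAP_MODE, priv);
        return (SecretKey) c.unwrap(wrapped, "AES", Cipher.SECRET_KEY);
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey symmetricKey = kg.generateKey();

        // Stand-in for the key pair that would live in credential storage on a device.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair pair = kpg.generateKeyPair();

        // Only this wrapped blob is written to local storage (Part One, step 4).
        byte[] encryptedSymmetricKey = wrap(pair.getPublic(), symmetricKey);
        SecretKey recovered = unwrap(pair.getPrivate(), encryptedSymmetricKey);

        // Part Two, step 4: a fresh random 12-byte IV for every message.
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher enc = Cipher.getInstance(DATA);
        enc.init(Cipher.ENCRYPT_MODE, symmetricKey, new GCMParameterSpec(128, iv));
        byte[] ct = enc.doFinal("some_message".getBytes(StandardCharsets.UTF_8));

        Cipher dec = Cipher.getInstance(DATA);
        dec.init(Cipher.DECRYPT_MODE, recovered, new GCMParameterSpec(128, iv));
        System.out.println(new String(dec.doFinal(ct), StandardCharsets.UTF_8));
    }
}
```

The blob in local storage is only as well protected as the private key that unwraps it, which is why the rooted-device caveat in the answer applies to the whole scheme.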
