I want to create an application for the Android tablets and/or iPad that's going to hold a lot of sensitive data that needs to be encrypted.
I'm thinking about two possible ways of dealing with that problem:
- Implement (or use an implementation) of some well known encryption algorithm, but that leaves a problem of passing private key as it probably be best if user has to enter 1024 bytes key from the on-screen keyboard on each start of the application
- Using a hardware encryption device (smart card, etoken etc.) - that's probably one of the most secure ways of doing that but here the problem is how can you insert the hardware device to a tablet. I assume you can probably find few Android devices that will have USB port but does anyone know how are those kind of devices supported on Android? I think it makes little sense of thinking about that kind of solution on an iPad since there's no USB on it. Another downsize of this whole approach is it makes a life a bit more complicates as you need to carry cryptographic device with you all the time.
I should probably add that for this application we don't need to have it working on every possible device - we could limit to one device (Android or iPad) as we are providing both hardware and software. Same goes for external cryptographic devices.
Security is the primary concern for the customer and I'd like to know if anyone have dealt with similar situations and what solutions have you used?
Android has an open project called open-intents Open Safe
http://www.openintents.org/en/safe
It is a very good place to start for android development. You can develop your code based on an existing application and work on something that this application lacks.
RaYell javax.crypto fully supports AES, 256 bit keys, Initialization Vectors, and hashing of passwords. You can write your own simple password strength checker and then seed the password and repeatedly hash the seeded password to derive the key. You may or may not need to apply for an Export License before you publish the app. I would think yes.
JAL
You will be using a symmetric encryption algorithm if you are going to hold A LOT of sensitive data. There will be no private key or public key involved. (Maybe you used the word private key to emphasize that its private to the user)
Also, the key would be 256-bits maximum, usually (At least for AES).
And a user does not necessarily have to enter a 256 bit key. Look @ PBKDF2. It derives a cryptographically secure key from a simple string (The strength still depends on the simple string).
Another alternative would be to let the user draw randomly on the tablet and derive a secure key out of that. Similar to TrueCrypt. However true crypt uses the mouse movement to increase the strength of the procedure but not necessarily to generate the key it self.
http://mobileoffice.about.com/od/mobilesecurity/ss/how-to-encrypt-files-with-TrueCrypt_7.htm
The key needs to be stored SOMEWHERE to decrypt (obviously), so drawing definitely is OUT of the question. However a password + PBKDF2 should be the ideal choice.