
Android - Secure storage

How do I store a secret key on an Android device so that it is only possible to use the key, not retrieve it? E.g.: I import a private/generate an RSA keypair or a symmetric key from an application into this "secure storage". Now, NOBODY should be able to retrieve the secret key, not even the original application. (The non-secret part of the key - the public key of an RSA keypair - but no part of a symmetric key - should still be retrievable, especially if the key is generated in the secure storage.)

The keystore should now act as a black box, providing an input for encrypted data and an output for decrypted data, e.g. I feed in the encrypted values that I want to decrypt, and get the decrypted values back.

It's a big plus if this is implemented in a hardware security chip in the Android device, like a smart card chip, which is tamper-resistant, and which would also keep the keys secure even if the device is rooted and cloned.

Any ideas which Android mobile phones have such a tamper-resistant chip? Any ideas on how to use such a storage?

Found a similar question: Android Secure Storage, but this does not answer my questions.

I'll answer this but with reservation.

https://developer.android.com/training/articles/keystore.html

"Key material may be bound to the secure hardware (e.g., Trusted Execution Environment (TEE), Secure Element (SE)) of the Android device. When this feature is enabled for a key, its key material is never exposed outside of secure hardware."

So you enable the feature for the key. However,

"If the Android OS is compromised or an attacker can read the device's internal storage, the attacker may be able to use any app's Android Keystore keys on the Android device, but not extract them from the device."

This is due to Android allowing the keys to be used without the secret, which is inherently unsafe. Hence my reservation.

In answer to Android devices with the secure chip, I'd say do a search. Seems TEE SoCs have been around for a while.

secret: [ ______________ ]
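The black-box usage that the quoted Keystore documentation describes, as an added example that is not part of the original answer. It assumes API level 23 or later; the class name and key alias are hypothetical.

```java
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.security.keystore.KeyProperties;
import java.security.*;
import java.security.spec.MGF1ParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;

public final class BlackBoxKey {
    private static final String ALIAS = "demo_blackbox_rsa"; // hypothetical alias
    private static final String TRANSFORM = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    // Android Keystore uses SHA-1 for MGF1; whoever encrypts with the
    // public key must use this same parameter spec.
    private static final OAEPParameterSpec OAEP = new OAEPParameterSpec(
            "SHA-256", "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT);

    /** Generates the pair inside Android Keystore and returns only the public half. */
    public static PublicKey generate() throws GeneralSecurityException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance(
                KeyProperties.KEY_ALGORITHM_RSA, "AndroidKeyStore");
        kpg.initialize(new KeyGenParameterSpec.Builder(ALIAS, KeyProperties.PURPOSE_DECRYPT)
                .setKeySize(2048)
                .setDigests(KeyProperties.DIGEST_SHA256)
                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_OAEP)
                // .setUserAuthenticationRequired(true) would additionally gate each use
                // on the device lock-screen credential (needs a secure lock screen).
                .build());
        return kpg.generateKeyPair().getPublic();
    }

    private static PrivateKey handle() throws Exception {
        KeyStore ks = KeyStore.getInstance("AndroidKeyStore");
        ks.load(null);
        return (PrivateKey) ks.getKey(ALIAS, null);
    }

    /** True if the key material is held in secure hardware (TEE or SE). */
    public static boolean isHardwareBacked() throws Exception {
        PrivateKey key = handle();
        KeyFactory kf = KeyFactory.getInstance(key.getAlgorithm(), "AndroidKeyStore");
        return kf.getKeySpec(key, KeyInfo.class).isInsideSecureHardware();
    }

    /** The app holds only a handle: getEncoded() on a Keystore private key returns null. */
    public static boolean isExportable() throws Exception { return handle().getEncoded() != null; }

    /** Ciphertext in, plaintext out; the private key itself never reaches the app. */
    public static byte[] decrypt(byte[] ciphertext) throws Exception {
        Cipher c = Cipher.getInstance(TRANSFORM);
        c.init(Cipher.DECRYPT_MODE, handle(), OAEP);
        return c.doFinal(ciphertext);
    }
}
```

`isInsideSecureHardware()` is deprecated from API level 31 in favour of `KeyInfo.getSecurityLevel()`.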

Found out what you need to do to get secure storage on Android:

You need to buy a Secure MicroSD card, one which conforms to the ASSD specification (Advanced Security SD). That is a MicroSD card that contains a Secure Element, often a PKI solution where you can generate a private key on-card so the private key is impossible to extract, but the public key can be extracted and used to encrypt things that only the MicroSD card can decrypt.

Two examples are CertGate MicroSD (which is available as a consumer version called "SmartCard-HSM Android") and one that is no longer available in a consumer version, the G&D Mobile Security Card.

That makes it a secure storage that CANNOT be hacked by a rooted phone, and it CANNOT be copied, impossible per the definition. The only way is to brute-force the private key using the public key as verification if you hit correctly. But if you use RSA-2048, that is technically impossible too.

The reason is that the phone manufacturers seem to lock the built-in phone Secure Element to manufacturer-approved apps, so you cannot use it arbitrarily. The only way is to actually add a Secure Element to the phone in the form of a MicroSD card.

(This answer is only valid for Android versions prior to 5.0)

You might check out CertStore or KeyStore, although I do not know how these are implemented on Android. I did some searching around but couldn't find any promising examples, and actually found a post on the Android-Security-Discussions group indicating that this might not even work on Android.

What you are asking is impossible. A user with a jail-broken device has more control over the device than you do. There is no place to hide anything, and there never will be. What you are looking for is "(in)Security Through Obscurity".
