CacheWord: Passphrase Caching and Management



CacheWord is an Android library project for passphrase caching and management.
It helps app developers securely generate, store, and access secrets derived
from a user’s passphrase. It is designed to work easily with IOCipher and SQLCipher-for-Android, but it can be used any time an app needs to manage a password. Broadly speaking this library assists developers with two related problems:

  1. Secrets Management: how the secret key material for your app is generated, stored, and accessed
  2. Passphrase Caching: store the passphrase in memory to avoid constantly prompting the user

CacheWord manages key derivation, verification, persistence, passphrase resetting, and caching secret key material in memory.

Features

  • Strong key derivation (PBKDF2)
  • Dynamic KDF iteration count based on CPU speed
  • Secure secret storage (AES-256 GCM)
  • Persistent notification: informs the user the app data is unlocked
  • Configurable timeout: after a specified time of inactivity the app locks itself
  • Manual clearing: the user can forcibly lock the application

Source Code Repository

Downloads

The binary jar, source jar, and javadoc jar are all available on jcenter. To include them using gradle, add this line to your build.gradle:

implementation 'info.guardianproject.cacheword:cachewordlib:0.1.1'

Otherwise, the files can also be downloaded directly from jcenter, including the PGP signatures: