CacheWord is an Android library project for passphrase caching and management.
It helps app developers securely generate, store, and access secrets derived
from a user’s passphrase. It is designed to work easily with IOCipher and SQLCipher-for-Android, but it can be used any time an app needs to manage a password. Broadly speaking this library assists developers with two related problems:
- Secrets Management: how the secret key material for your app is generated, stored, and accessed
- Passphrase Caching: store the passphrase in memory to avoid constantly prompting the user
CacheWord manages key derivation, verification, persistence, passphrase resetting, and caching secret key material in memory.
- Strong key derivation (PBKDF2)
- Dynamic KDF iteration count based on CPU speed
- Secure secret storage (AES-256 GCM)
- Persistent notification: informs the user the app data is unlocked
- Configurable timeout: after a specified time of inactivity the app locks itself
- Manual clearing: the user can forcibly lock the application
Source Code Repository
- library, helpers, tests, and sample project: https://github.com/guardianproject/cacheword
The binary jar, source jar, and javadoc jar are all available on jcenter. To include them using gradle, add this line to your build.gradle:
Otherwise, the files can also be downloaded directly from jcenter, including the PGP signatures: