Building a Signing Server

 Posted on December 18, 2017  |  Hans-Christoph Steiner

The Android APK signing model sets the expectation that the signing key will be the same for the entire lifetime of the app. That can be seen in the recommended lifetype of an Android signing key: 20+ years. On top of that, it is difficult to migrate an app to a new key. Since the signing key is an essential part to preventing APKs from impersonating another, Android signing keys must be kept safe for the entire life of the app. [Read More]
bazaar  F-Droid  fdroid  hardware  howto  hsm  identity  security  signing  signing key  smart card  tor 

First working test of IOCipher for Obj-C

 Posted on January 26, 2015  |  Hans-Christoph Steiner

Every so often, we revisit our core libraries in the process of improving our existing apps, and creating new ones. IOCipher has become a standard part of our apps since it provides a really easy way to include encrypted file storage in Android apps. And we are now working on spreading it to iOS as well, headed up by Chris Ballinger, with the first preliminary tests of IOCipher for Obj-C. Testing and contributions are most welcome! [Read More]
Android  encryption  full disk encryption  hsm  iocipher  ios  mobile  obj-c  osx  prototype  security  smartcard  sqlcipher 

Security in a thumb drive: the promise and pain of hardware security modules, take one!

 Posted on March 28, 2014  |  Hans-Christoph Steiner

Hardware Security Modules (aka Smartcards, chipcards, etc) provide a secure way to store and use cryptographic keys, while actually making the whole process a bit easier. In theory, one USB thumb drive like thing could manage all of the crypto keys you use in a way that makes them much harder to steal. That is the promise. The reality is that the world of Hardware Security Modules (HSMs) is a massive, scary minefield of endless technical gotchas, byzantine standards (PKCS#11! [Read More]
Android  ant  bazaar  encryption  hardware  howto  hsm  identity  jarsigner  keytool  openssl  smartcard