Proposal: Personal Data Encryption (maybe SoC?)
Tobias Gruetzmacher
nospam at portfolio16.de
Sat Mar 17 11:51:31 CET 2007
Hi,

I have followed the discussions about elaborate schemes for theft
protection on this list, but I think most of them shoot in the wrong
direction. Sure, it is desirable to get your phone back, but in reality
that is normally not the case.

So while we aren't really able to protect the phone from being stolen, we
should try our best to protect the data the user has on the phone from
being of any use to the thief.

What I'm proposing is a user-friendly encryption scheme for the data the
user stores in his phone, so any illegitimate user will not be able to
get personal data about the owner of the phone.

Implementation: I'm thinking about using either encfs (needs fuse, maybe
not such a good idea) or ecryptfs (in-kernel, can make use of the kernel
crypto-api) for transparent encryption of the user's data.

Different modes:

1. No encryption - this will be the mode the phone will be in when the
user receives it. All data is stored unencrypted.

2. "SIM-binding" - this retrieves/stores a secret on the SIM card that
can only be accessed when the correct PIN for the SIM was entered. The
secret is retrieved from the SIM card and used as a key for encfs/
ecryptfs to decrypt the user's data.

3. "Paranoia mode" - the user will be able to set his own pass phrase for
the encrypted data. This may save the SIM PIN code in the encrypted area
to still be able to operate the phone with only one secret.

Switching between these modes should be transparent to the user. It
should be possible to create a "master key" the user should store in a
secret place, so that he can retrieve his data when he forgets his pass
phrase. This could be of help even in mode 2, when the SIM gets locked or
damaged.

When the phone is locked and in stand-by, the user should be able to take
calls without entering the secret, but for total unlocking, the secret
must be entered. Remote access to the phone should be disabled while it
is locked to not compromise security.

Summer of Code?

Since I really think this is a desirable feature for a mobile phone, I'd
like to implement it as a Summer of Code project.

I have experience in most modern (and some ancient) programming
languages, including C, C++, Java, Python, Perl, Ruby. I have already
worked with GTK+ and think it is a very good toolkit.

If someone would be willing to mentor me, I'd love to apply.

Greetings, Tobi
--
GPG-Key 0xE2BEA341 - signed/encrypted mail preferred
My, oh so small, homepage: http://portfolio16.de/
http://www.fli4l.de/ - ISDN- & DSL-Router on one disk!
Registered FLI4L-User #00000003
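An added illustration of the key handling behind modes 2 and 3 and the "master key" (example code, not from the proposal nor from encfs/ecryptfs): the volume key that encfs/ecryptfs would actually use is wrapped once under the user's unlock secret (SIM-stored secret or pass phrase) and once under a randomly generated master key kept offline, so either one opens the volume and a mode switch only re-wraps the key instead of re-encrypting the data. Python standard library only; the wrap construction (PBKDF2-derived pad plus HMAC tag) and the iteration count are my assumptions for the example.

```python
import hashlib
import hmac
import os
import secrets
from typing import Dict, Optional, Tuple

KDF_ITERATIONS = 100_000  # assumed value for the example


def _slot_keys(secret: bytes, salt: bytes) -> Tuple[bytes, bytes]:
    """Derive a 32-byte pad and a 32-byte MAC key from one unlock secret."""
    okm = hashlib.pbkdf2_hmac("sha256", secret, salt, KDF_ITERATIONS, dklen=64)
    return okm[:32], okm[32:]


def wrap_key(volume_key: bytes, secret: bytes) -> bytes:
    """Encrypt-then-MAC wrap of the 32-byte volume key: salt || ct || tag (fresh salt per wrap)."""
    salt = os.urandom(16)
    pad, mac_key = _slot_keys(secret, salt)
    ct = bytes(a ^ b for a, b in zip(volume_key, pad))
    tag = hmac.new(mac_key, salt + ct, "sha256").digest()
    return salt + ct + tag


def unwrap_key(blob: bytes, secret: bytes) -> Optional[bytes]:
    """Return the volume key, or None if the secret is wrong or the blob was altered."""
    salt, ct, tag = blob[:16], blob[16:48], blob[48:]
    pad, mac_key = _slot_keys(secret, salt)
    if not hmac.compare_digest(tag, hmac.new(mac_key, salt + ct, "sha256").digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, pad))


def create_volume(user_secret: bytes) -> Tuple[Dict[str, bytes], bytes]:
    """New volume: random volume key wrapped under the user's secret (SIM secret
    or pass phrase) and under a random master key the user stores offline."""
    volume_key = secrets.token_bytes(32)
    master_key = secrets.token_bytes(32)
    header = {"user": wrap_key(volume_key, user_secret),
              "master": wrap_key(volume_key, master_key)}
    return header, master_key


def unlock_volume(header: Dict[str, bytes], secret: bytes) -> Optional[bytes]:
    """Either the everyday secret or the offline master key opens the volume."""
    keys = (unwrap_key(header[s], secret) for s in ("user", "master"))
    return next((k for k in keys if k is not None), None)


def rekey_user_slot(header: Dict[str, bytes], volume_key: bytes, new_secret: bytes) -> None:
    """Mode switch (e.g. SIM-binding -> own pass phrase): re-wrap the unchanged
    volume key, so the data on disk needs no re-encryption."""
    header["user"] = wrap_key(volume_key, new_secret)
```

The header dictionary is what would sit next to the encrypted directory; the returned volume key is what would be handed to encfs/ecryptfs as the mount key.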