Proposal: Personal Data Encryption (maybe SoC?)

Tobias Gruetzmacher nospam at portfolio16.de
Sat Mar 17 11:51:31 CET 2007


Hi,

I have followed the discussions about elaborate schemes for theft 
protection on this list, but I think most of them shoot in the wrong 
direction. Sure, it is desirable to get your phone back, but in reality 
that is normally not the case.

So while we aren't really able to protect the phone from being stolen, we 
should try our best to protect the data the user has on the phone from 
being of any use to the thief.

What I'm proposing is a user-friendly encryption scheme of the data the 
user stores in his phone, so any illegitimate user will not be able to 
get personal data about the owner of the phone.

Implementation: I'm thinking about using either encfs (needs fuse, maybe 
not such a good idea) or ecryptfs (in-kernel, can make use of the kernel 
crypto-api) for transparent encryption of the user's data.

Different modes:

1. No encryption - this will be the mode the phone will be in when the 
user receives it. All data is stored unencrypted.

2. "SIM-binding" - this retrieves/stores a secret on the SIM card that 
can only be accessed when the correct PIN for the SIM was entered. The 
secret is retrieved from the SIM card and used as a key for encfs/
ecryptfs to decrypt the user's data.

3. "Paranoia mode" - the user will be able to set his own pass phrase for 
the encrypted data. This may save the SIM PIN code in the encrypted area 
to still be able to operate the phone with only one secret.

Switching between these modes should be transparent to the user. It 
should be possible to create a "master key" the user should store in a 
secret place, so that he can retrieve his data when he forgets his pass 
phrase. This could be of help even in mode 2, when the SIM gets locked or 
damaged.

When the phone is locked and in stand-by, the user should be able to take 
calls without entering the secret, but for total unlocking, the secret 
must be entered. Remote access to the phone should be disabled while it 
is locked to not compromise security.
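The mode switching and master-key recovery sketched above, as an added example that is not from the original mail: one random data key protects the encrypted area, and each secret (SIM secret, pass phrase, master key) only wraps that key in its own slot, so changing modes or forgetting the pass phrase never requires re-encrypting the data. The scrypt-plus-HMAC wrapping is a stdlib stand-in for the kernel crypto API, and the slot names, the SIM secret and the pass phrase values are constructed for illustration.

```python
import hashlib
import hmac
import os
import secrets

KEY_LEN = 32  # size of the random data key that protects the encrypted area

def derive_kek(secret: bytes, salt: bytes) -> bytes:
    """Stretch a SIM secret, pass phrase or master key into a key-encryption key."""
    return hashlib.scrypt(secret, salt=salt, n=2 ** 14, r=8, p=1, dklen=KEY_LEN)

def wrap(kek: bytes, data_key: bytes) -> bytes:
    # Illustrative stand-in for a real key wrap: HMAC-derived pad plus an HMAC tag.
    pad = hmac.new(kek, b"wrap", hashlib.sha256).digest()
    ct = bytes(a ^ b for a, b in zip(data_key, pad))
    tag = hmac.new(kek, b"tag" + ct, hashlib.sha256).digest()
    return ct + tag

def unwrap(kek: bytes, blob: bytes) -> bytes:
    # Raises when the secret is wrong or the key slot has been tampered with.
    ct, tag = blob[:KEY_LEN], blob[KEY_LEN:]
    expected = hmac.new(kek, b"tag" + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong secret or corrupted key slot")
    pad = hmac.new(kek, b"wrap", hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(ct, pad))

class EncryptedArea:
    """One random data key, wrapped once per unlock secret ('slot')."""

    def __init__(self) -> None:
        self.data_key = secrets.token_bytes(KEY_LEN)  # would be the ecryptfs/encfs volume key
        self.slots = {}  # slot name -> (salt, wrapped data key); no slots at all = mode 1

    def add_slot(self, name: str, secret: bytes) -> None:
        salt = os.urandom(16)  # fresh salt per slot, so every wrap uses a distinct pad
        self.slots[name] = (salt, wrap(derive_kek(secret, salt), self.data_key))

    def remove_slot(self, name: str) -> None:
        del self.slots[name]  # e.g. drop the SIM slot when moving to paranoia mode

    def unlock(self, name: str, secret: bytes) -> bytes:
        salt, blob = self.slots[name]
        return unwrap(derive_kek(secret, salt), blob)

def create_master_key(area: EncryptedArea) -> str:
    """Recovery secret the owner writes down and keeps off the phone (hex string)."""
    master = secrets.token_bytes(KEY_LEN)
    area.add_slot("master", master)
    return master.hex()
```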


Summer of Code?

Since I really think this is a desirable feature for a mobile phone, I'd 
like to implement it as a Summer of Code project.

I have experience in most modern (and some ancient) programming 
languages, including C, C++, Java, Python, Perl, Ruby. I have already 
worked with GTK+ and think it is a very good toolkit.

If someone would be willing to mentor me, I'd love to apply.

Greetings, Tobi

-- 
GPG-Key 0xE2BEA341 - signed/encrypted mail preferred
My, oh so small, homepage: http://portfolio16.de/
http://www.fli4l.de/ - ISDN- & DSL-Router on one disk!
Registered FLI4L-User #00000003