Question

然而,我对实施安乐、黑莓和J2ME的加密储存(加密档案系统)。页: 1

我知道这个问题太长了,但希望读到底(我有这么多相关问题,我不得不把这些问题分成几个员额)。请让我就我的至少一个问题(Doubts part)提供一些反馈。

感谢

Objective

目前,我正在设计一个多平台储存系统,在支持的移动 Java平台下提供同样的接口和能力:

J2ME. Minimum configuration/profile CLDC 1.1/MIDP 2.0 with support for some necessary JSRs (JSR-75 for file storage).
Android. No minimum platform version decided yet, but rather likely could be API level 7.
Blackberry. It would use the same base source of J2ME but taking advantage of some advaced capabilities of the platform. No minimum configuration decided yet (maybe 4.6 because of 64 KB limitation for RMS on 4.5).

基本而言,APIC将分为三类:

Files. These would allow standard directory/file manipulation (read/write through streams, create, mkdir, etc.).
Preferences. It is a special store that handles properties accessed through keys (Similar to plain old java properties file but supporting some improvements such as different value data types such as SharedPreferences on Android platform)
Local Message Queues. This store would offer basic message queue functionality.

Considerations

在JSR-75的启发下,所有类型的商店都将以统一的方式通过下述网址获得:公约,但附有习惯定义的预设文件(即:文件http://”、“prefs://”或“queue://”用于电文查询。该地址指的是每个移动平台安装将绘制成物理储存物体的虚拟地点。只有档案才能允许等级储存(文件夹)和获取外部敲诈记忆卡(采用单位名称,与JSR-75相同的方式),但这不会改变,而不论基础平台如何。其他类型只能支持固定储存。

该系统还应支持所有基本类型<>的安全版本。用户将通过在URL中预先确定“s”而不是“file://”来表示。仅限一个PIN(仅限一次使用)进入任何种类的安全物体。

Implementation issues

为了实施便衣和加密的储存,我将使用基础平台上的现有功能:

Files. These are available on all platforms (J2ME only with JSR-75, but it is mandatory for our needs). The abstract File to actual File mapping is straight except for addressing issues.
RMS. This type of store available on J2ME (and Blackberry) platforms is convenient for Preferences and maybe Message Queues (though depending on performance or size requirements these could be implemented by means of normal files).
SharedPreferences. This type of storage, only available on Android, would match Preferences needs.
SQLite databases. This could be used for message queues on Android (and maybe Blackberry).

在加密方面,应当满足一些要求:

To ease the implementation it will be carried out on read/write operations basis on streams (for files), RMS Records, SharedPreferences key-value pairs, SQLite database columns. Every underlying storage object should use the same encryption key.
Handling of encrypted stores should be the same as the unencrypted counterpart. The only difference (from the user point of view) accessing an encrypted store would be the addressing.
The user PIN provides access to any secure storage object, but the change of it would not require to decrypt/re-encrypt all the encrypted data.
Cryptographic capabilities of underlying platform should be used whenever it is possible, so we would use:
- J2ME: SATSA-CRYPTO if it is available (not mandatory) or lightweight BoncyCastle cryptographic framework for J2ME.
- Blackberry: RIM Cryptographic API or BouncyCastle
- Android: JCE with integraced cryptographic provider (BouncyCastle?)

My Doubts. Help Wanted Here

达到这一点一些人怀疑,考虑到管道的局限性,解决办法会更加方便。这些是my疑虑:

Encryption Algorithm for data. Would AES-128 be strong and fast enough? What alternatives for such scenario would you suggest?
Encryption Mode. I have read about the weakness of ECB encryption versus CBC, but in this case the first would have the advantage of random access to blocks, which is interesting for seek functionality on files. What type of encryption mode would you choose instead? Is stream encryption suitable for this case?
Key generation. There could be one key generated for each storage object (file, RMS RecordStore, etc.) or just use one for all the objects of the same type. The first seems "safer", though it would require some extra space on device. In your opinion what would the trade-offs of each?
Key storage. For this case using a standard JKS (or PKCS#12) KeyStore file could be suited to store encryption keys, but I could also define a smaller structure (encryption-transformation / key data / checksum) that could be attached to each storage store (i.e. using addition files with the same name and special extension for plain files or embedded inside other types of objects such as RMS Record Stores). What approach would you prefer? And when it comes to using a standard KeyStore with multiple-key generation (given this is your preference), would it be better to use a record-store per storage object or just a global KeyStore keeping all keys (i.e. using the URL identifier of abstract storage object as alias)?
Master key. The use of a master key seems obvious. This key should be protected by user PIN (introduced only once) and would allow access to the rest of encryption keys (they would be encrypted by means of this master key). Changing the PIN would only require to reencrypt this key and not all the encrypted data. Where would you keep it taking into account that if this got lost all data would be no further accesible? What further considerations should I take into account?
Platform cryptography support. Do SATSA-CRYPTO-enabled J2ME phones really take advantage of some dedicated hardware acceleration (or other advantage I have not foreseen) and would this approach be prefered (whenever possible) over just BouncyCastle implementation? For the same reason is RIM Cryptographic API worth the license cost over BouncyCastle?

欢迎任何评论、批评、进一步考虑或采取不同的做法。

Answer 1

我的第一个想法是:

。 AES是一种相当快的算法,但如果你想确保AES-256足够强大的话,你可以采用AES-256。尽管我认为,如果你真想(例如记忆中的关键)的话,就更容易破坏这一制度? 阅读个人信息网络代码?

Master key: 如果用户失去主干,你就无法做任何事。这是整个点! 如果是后门,则由黑客发现和使用。

和所有安全问题一样,你想做多少努力来避开黑客。这主要涉及如何普及和广泛使用该方案。

Answer 2

其他问题是什么? 页: 1

ECB vs CBC

在我看来,欧洲中央银行似乎应当被排除在外,但CBC将提供更大的安全,范围更大。我读到了 XTS,用于真实Crypt,因为CBC的四级产品从编块指数中得出,因此说服它们。

Keystorage

在每个档案库内储存加密钥匙的一个不利之处是,如何对钥匙进行骚扰——和;只有密码(至少是JKS和BouncyCastle KeyStores)。我想用我的主干(即AES-256)对其进行加密。

Key generation

我忽略了一个关键点。关键的代人性是什么? 在什么地方,我应在移动电话中选取一个相当“好”的钥匙。加密档案的关键应在用户不干预的情况下自行生成。

Answer 3

JFYI:我们将在2周内释放我们的