[liberationtech] Android Full-Disk Encryption Cracked
Nathan of Guardian
nathan at guardianproject.info
Mon Apr 29 12:16:28 PDT 2013
Seth David Schoen <schoen at eff.org> wrote:
>Two ways to address this that come to mind would be using
>tamper-resistant hardware (which apparently Apple is doing
>for crypto in iOS devices) to store or generate the
>decryption keys using cryptographic secrets kept inside
>the particular device itself, and finding some way for
>the user to somehow input a much higher entropy unlock
>password.
Yubikey combined with a short user password is a potential option for the second idea, with devices that have USB Host mode:
https://guardianproject.info/2012/01/04/strong-mobile-passwords-with-yubikey-usb-token/
More information about the liberationtech
mailing list