[liberationtech] Android Full-Disk Encryption Cracked
Seth David Schoen
schoen at eff.org
Mon Apr 29 13:46:44 PDT 2013
Nathan of Guardian writes:
> Yubikey combined with a short user password is a potential option for the second idea, with devices that have USB Host mode:
>
> https://guardianproject.info/2012/01/04/strong-mobile-passwords-with-yubikey-usb-token/
That's pretty awesome, and very creative.
I hope people will pay attention to this sentence in your post:
By combining the long password from the Yubikey with a short memorized
version, a certain amount of security is preserved even if the key is
physically stolen along with your mobile device.
So users shouldn't skip the short memorized password part! (In
that scenario, the security level is probably reduced to the
length of the user password. One could imagine a future Yubikey
using NFC in an interactive protocol in a way where this is no
longer true, but maybe tamper-resistant key storage inside phones
is likely to come about sooner.)
--
Seth Schoen <schoen at eff.org>
Senior Staff Technologist https://www.eff.org/
Electronic Frontier Foundation https://www.eff.org/join
815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107
More information about the liberationtech
mailing list