Ideas for Multi-Platform Encrypted Java Mobile Storage

Hi, I have some questions (see the "Doubts" section) about the implementation of encrypted storage (the type of encrypted file system) on Android, Blackberry and J2ME. I need your advice, you cryptography masters.

I know this question is a little long, maybe too verbose, but please try to read it to the end (I have so many related questions that I could not divide them into several messages). I would really appreciate it if you could give me some feedback on one of my questions (the Doubts part).

Thanks,

Purpose


I am currently developing an API for a multi-platform storage system that will offer the same interface and capabilities on the following supported Java mobile platforms:

  • J2ME. Minimum configuration/profile CLDC 1.1 / MIDP 2.0 with support for some required JSRs (JSR-75 for file storage).
  • Android. There was no decision on a minimal platform, but most likely it could be API level 7.
  • Blackberry. It will use the same underlying J2ME source, but take advantage of some of the platform's advantages. The minimum configuration has not yet been determined (possibly 4.6 due to a 64K limit for RMS on 4.5).

In principle, the API will have three types of stores:

  • . / (/ , , mkdir ..).
  • Preferences. , , ( java , , , SharedPreferences Android).
  • . .


JSR-75, URL-, RFC 1738, (, "file://" "prefs://" "queue://" ). , . () extorage ( , JSR-75, ). .

. "s" URL (.. "Sfile://" "file://" ). API PIN- ( ) .


, , :

  • . (J2ME JSR-75, ). , .
  • RMS. , J2ME ( Blackberry), , , ( ).
  • SharedPreferences. , Android, Preferences.
  • SQLite. Android (, , Blackberry).

, :

  • , / ( ), RMS Records, SharedPreferences, -, SQLite. .
  • , . ( ) .
  • - , / .
  • , , :
    • J2ME: SATSA-CRYPTO, ( ) BouncyCastle J2ME.
    • Blackberry: API RIM BouncyCastle
    • Android: JCE (BouncyCastle?)

.


, , , . :

  • . AES-128 ? ?
  • . CBC, , . ? ?
  • . (, RMS RecordStore ..) . " ", . , ?
  • . KeyStore JKS ( PKCS #12) , (-/ / ), ( .. , RMS Record Stores). ? KeyStore ( ), KeyStore, (.. URL- )?
  • . - . PIN- ( ) ( ). PIN- , . , , , ? ?
  • . J2ME, SATSA-CRYPTO, ( , ), ( ) BouncyCastle? API RIM Cryptographic BouncyCastle?

, , .

+5
3

:

: AES - , AES-256, , . , , (, ? PIN-?)

-: -, . ! , .

, , . , .

+1

? , , : - (

CBC

, ECB , CBC . XTS, TrueCrypt, CBC IV, , .

Keystorage

, → ( , JKS BouncyCastle KeyStores). (, AES-256).

. ? , "" . " " .

0

JFYI: we will release Android and iPhone (possibly Blackberry) versions of our virtual SolFS file system, which does everything you plan for 2 weeks. It allows you to perform encryption for both each file and the entire storage. That is, you will reinvent the wheel here.

0