[guardian-dev] Progress on SQLCipher for Android

Nathan of Guardian nathan at guardianproject.info
Tue Aug 30 23:20:43 EDT 2011

On 08/30/2011 10:54 PM, Moritz Bartl wrote:
> I looked at it and was wondering: Doesn't a PIN protection give the
> impression of false security in regard to simple brute force attacks?

I would love to brainstorm on effective usable designs for long
passphrase entry on a mobile device. Perhaps an open-ended passphrase
field makes more sense, so the user can device how strong they want it
to be. I've also though about using a QRCode scanner to read a very long
key in the form of QR Code you print out, and keep in your wallet.

In terms of what SQLCipher does with the short passphrase (aka "PIN")
once you enter it, I do feel comfortable there:

from http://sqlcipher.net/design/
"When initialized with a passphrase SQLCipher derives the key data using
PBKDF2 (OpenSSL’s PKCS5_PBKDF2_HMAC_SHA1). Each database is initialized
with a unique pseduo-random salt in the first 16 bytes of the file. This
salt is used for key derivation and it ensures that even if two
databases are created using the same password will not have the same
encryption key."

> Also, I think a lot of users might confuse the "Enter PIN" dialog with a
> dialog requesting them to enter their phone/SIM pin.

Right.. okay, well I think we will change to using "passphrase" or some
other mechanism in our demo app.

Thanks for the feedback!

More information about the Guardian-dev mailing list