[guardian-dev] A critique of ProofMode

Nathan of Guardian nathan at guardianproject.info
Wed Mar 8 11:56:43 EST 2017


Thanks, Dominik, for the great ideas. Comments within...

On Tue, Mar 7, 2017, at 11:30 AM, Dominik Schuermann wrote:
> 
> > 
> > - Storing the key in a way that can't be exported from the device, even
> > if rooted. I've been looking at the KeyChain API for this. Has anyone
> > had experience storing app generated key data in this way?
> 
> FYI: https://doridori.github.io/android-security-the-forgetful-keystore/
> 
> In OpenKeychain we haven't done this due to usability concerns:
> https://github.com/open-keychain/open-keychain/issues/1642

It seems like based on the fact the user will always have the phone
unlocked when we need to use the key, that we should be fine with using
this service.
https://github.com/guardianproject/proofmode/issues/16

> > - Notarizing the key on a special cloud service (or keybase.io perhaps)
> > to ensure it came from the actual ProofMode app and not a random PGP
> > command line... again, any thoughts on somehow tagging the origins of a
> > key to a specific instance or hardware?
> 
> OpenKeychain supports Linked Identities to link keys to Twitter/GitHub
> etc. An alternative approach to keybase.io. We also wrote Linked
> Identities down as Internet Drafts:
> 
> http://tools.ietf.org/html/draft-vb-openpgp-linked-ids-01
> http://tools.ietf.org/html/draft-vb-openpgp-uri-attribute-01

Oh great! I had no idea you were working on this. It is very important.

> 
> > 
> > - Not running proofmode when a USB device is connected, or when a device
> > is rooted (We can detect both), or simply logging facts in the proof CSV
> > file.
> 
> There is also Google's SafetyNet API. I think its closed source and I
> don't like their approach, but you could look into it:
> https://koz.io/inside-safetynet/

Actually, as an optional "add-on", it seems quite nice. We can use the
hash of the media file as the nonce, as well, I think. Some progress
here:
https://github.com/guardianproject/proofmode/issues/15

Thanks again!


-- 
  Nathan of Guardian
  nathan at guardianproject.info


More information about the guardian-dev mailing list