It's too bad the Android keystore doesn't support secp256k1 so it can't be used for Bitcoin wallets. A hardware wallet with dedicated display and input is much better but the keystore could at least protect the seed and require user presence for use. Curve25519 would be nice too.
It only supports P-224 (secp224r1), P-256 (aka secp256r1 and prime256v1), P-384 (aka secp384r1) and P-521 (aka secp521r1). The StrongBox keystore strips that down to supporting P-256 since it's very minimalist by design and only the 128-bit security level is truly important.
I’m proposing direct support of secp256k1 in the TrustZone for future phones, but unlikely in v1. What else would you like to see at the TrustZone level under Android?
It would ideally be one of the curves provided by a StrongBox Keymaster implementation, which only mandates P-256 for now:
developer.android.com/about/versions
The Titan M on the Pixel 3 provides the first implementation of that, among other features it implements:

