|
|
|
|
|
|
by gligorot
1750 days ago
|
|
|
What about secure key import on Android? It's still not that widely available, but should be everywhere in a few years. The idea is: -a keypair is generated in secure hardware - you send the public key to a server which encrypts the secret key with it - the server sends the encrypted key back - then it goes inside the secure hardware where it gets decrypted The decrypted secret key is never in the userspace. |
|
|