by markkum 4694 days ago
The cool generalized version does exist :). Check out https://www.mepin.com/

We've got RSA 2048 keys on iOS, Android and a separate smartcard USB key, and do 2-factor login and transaction authorization with a simple tap in an app + optional direct login without a password + trusted messaging. Available as an app or an app SDK.

What I'm wondering is whether Twitter is actually protecting the private keys? That's the real tricky part.

5 comments

Looks cool but I'd like something like TOTP where anyone can implement the client side of it. Since everything is done with public/private key pairs it's possible to have a setup with a central party acting as an opaque forwarding service between the client and the server.

What I want is an open standard for this that allows users to change their forwarding service after the fact, preferably without changing anything on the servers they're using it to authenticate with.

Yeah, if the device is unencrypted, which it likely is, and the key isn't passphrase protected, which also seems unlikely, then it should be trivial to access the private key.

There are simple APIs on iOS (and I believe on Android) which allow you to protect private keys and other data in local storage. Once the iPhone 5S with biometrics comes out (90% likely in September), this will be even more meaningful.

Well, yes and no. On iOS you can somewhat rely on keychain, but when the device is jailbroken all the local "simple API" security is gone. Generic Android doesn't really have anything that I would call secure, so there a serious solution needs some heavy lifting.

And yes, the pals at AuthenTec had some cool biometric and related stuff when I worked with them :), before they were swallowed by Apple. I'm certainly looking forward to what Apple will launch ... but a fingerprint does not magically solve all the issues.

Android manufacturers have a few similar extensions (Samsung and HTC, at least), although I haven't started messing with them yet.

Still, Android also has root. You're trying to keep a superuser from being able to access a file...

The awesome/amazing thing is you can actually do this in properly designed systems -- the key is generated on a separate processor (or, on some ARMs, in a special processor mode), and inaccessible directly to everything else; it can only be used to do operations. If you're superbadass, you can let it put some kinds of access control logic inside the trusted envelope too, so you can rate limit requests, or do additional checks (i.e. "you can't sign a request to pay a bitcoin unless the request signature is valid AND the bitcoin address has >4x that amount, or 2 weeks pass after posting public notice...").

HSMs can do this (no one really does, though); smartcards can too. The problem is no one wants to physically plug a smartcard into a phone, so you're stuck using stuff physically built into the phone. The alternative would be a bt 4.0 le cardholder which talks to the phone, and contains either an internal smartcard or a smartcard slot.

For DOD, there's a badgeholder for the CAC which speaks Bluetooth (old, 2.1 I think) to the RIM Blackberry. Updating that to 2013 to work on the iPhone would be pretty awesome, using 4.0le, particularly with a decent smartcard (not sure what the state of the art is; I remember screwing with old javacard stuff with the iButton which sucked.)

"no one wants to physically plug a smartcard into a phone"

SIM cards come to mind.

This looks like a cool service, is there pricing information somewhere? I couldn't find any on the website.

> What I'm wondering is whether Twitter is actually protecting the private keys? That's the real tricky part.

They could be using whitebox cryptography.