android
android copied to clipboard
Official Android client for keyspace.cloud. A beautiful and secure password manager.
Keyspace Android
![Keyspace](https://github.com/Keyspace-cloud/android/raw/main/app/src/main/res/mipmap-xhdpi/ic_launcher_round.png)
The official Android client for app.keyspace.cloud. A beautiful and secure password manager where you hold the keys.
![Click to view screenshots](https://github.com/Keyspace-cloud/android/raw/main/misc_assets/app-previews/readme/banner_github.png)
Logins
![Click to view screenshot](https://github.com/Keyspace-cloud/android/raw/main/misc_assets/app-previews/readme/mini-login.png)
Create and store passwords, two-factor authentication codes, backup codes and more.
Notes
![Click to view screenshot](https://github.com/Keyspace-cloud/android/raw/main/misc_assets/app-previews/readme/notes.png)
Secure notes with rich previews and markdown support
Payments
![Click to view screenshot](https://github.com/Keyspace-cloud/android/raw/main/misc_assets/app-previews/readme/cards.png)
Access your credit and debit cards with ease
Keyroute
Swipe up and scan a QR code to instantly log into your desktop
Recovery
![Click to view screenshot](https://github.com/Keyspace-cloud/android/raw/main/misc_assets/app-previews/readme/words.png)
All of this is backed up and encrypted with a 12 word recovery phrase.
Features
Zero knowledge Encryption
Keyspace uses end-to-end encryption to secure all user data (Logins, Notes, Cards etc.) with keys derived from a 12 word mnemonic seed phrase.
Signature based authentication scheme
Read more: Bitwarden Security White Paper (page 9)
Most password managers transmit a hash of users master password for authentication purposes. Keyspace uses a challenge-response based authentication scheme to eliminate users master password hashes being stored on the backend. The client simply signs cryptographic challenge and sends it to the backend. Password hashes never cross the wire.
Deterministic Key derivation
Most cloud based password managers derive a master key that encrypts other keys which are 'wrapped' or 'protected' which is then stored on their servers. Keyspace derives all keys deterministically on your device from the 12 word mnemonic seed phrase eliminating the need for 'wrapped' keys.
Private
Read more: Bitwarden Icon Privacy
Your privacy matters. No third party analytics or crashlytics libraries were used in the making of Keyspace. No network calls are made to external endpoints to fetch item icons.
Stronger and faster cryptography
XChaCha20-Poly1305 with 192bit nonce instead of AES256 GCM or CBC and ED25519 over RSA for signatures.
Strongbox-backed Android Keystore
Your encryption key is stored on a separate hardware security module (HSM) inside your phone which has its own CPU, storage and RNG, safeguarded against key extraction. Keys are only accessible upon successful device authentication.
Quick wipe
Instantly sign out and delete all on-device Keyspace data by tapping the quick settings tile. Useful if the country you're in has a poor human rights record or if your device is confiscated without your consent.
Offline support
On a flight? No problem. Keyspace can do everything offline and sync once you're online.
Native android app
Keyspace is written in Kotlin. Keyspace is designed to be fast and lightweight in size <20MB.
Note: Strongbox-backing depends on availability of device-specific hardware. Keyspace will use other secure methods in case your device has no Strongbox.
Cryptography
Credits
The Keyspace Team
- Owais Shaikh - Android App
- Nimish Karmali - Cryptography, Architecture and Infrastructure
- Rohan Chaturvedi - Backend API, Browser and Desktop Apps
License
Copyright © 2022-2023 Keyspace
This project is licensed under the GNU GPLv3 License