tink
Android: Jetpack Datastore AES Encryption without Keystore
Hi there
Thanks for this great security library. I am trying to migrate to the Jetpack Datastore, a data storage alternative to Android EncryptedSharedPreferences.
Since Datastore is new, there is no encrypted version of it, which means I need to implement custom encryption. We noticed that with EncryptedSharedPreferences, we get many crashes when creating an instance of it, with the error message:
com.google.crypto.tink.shaded.protobuf.InvalidProtocolBufferException: Protocol message contained an invalid tag (zero).at ...
This seems to be related to the Android Keystore, based on the issues previously reported here. I have a custom AES encryption/decryption handler implemented for the Datastore. Instead of saving the 256-bit symmetric key in the Android Keystore, I'd like to store it in the Datastore alongside my encrypted data.
AndroidKeySet manager documentation written by your team downplays the security risk of doing so:
https://google.github.io/tink/javadoc/tink-android/HEAD-SNAPSHOT/com/google/crypto/tink/integration/android/AndroidKeysetManager.html
Can you please share your opinion on alternative options to using AndroidKeyStore to store symmetric keys to encrypt/decrypt data from the Datastore?
Really appreciate it. Thank you.
cc. @thaidn
Hi @thaidn Mind taking a look at this? I noticed you implemented the AndroidKeySetHandler.
We don't have an alternative to Android Keystore. DataStore is not really a replacement for Keystore; to implement a secure DataStore, one would also need to use Android Keystore.
Note that we did find a race condition in AndroidKeysetManager that may have been the root cause of the various errors that have been reported. EncryptedSharedPreferences uses AndroidKeysetManager and was also affected by this. We have now fixed it, and plan to make a new release.
We currently do not plan to work on this; we believe this would be better in androidx.security.
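The arrangement described in the replies above, a DataStore whose Tink keyset is wrapped by a master key held in Android Keystore through AndroidKeysetManager, shown as an added example (not code from this thread or from the Tink project). The keyset name, preference file name, master key alias, associated data and the `EncryptedStringSerializer` class are hypothetical names chosen for the example.

```kotlin
import android.content.Context
import androidx.datastore.core.Serializer
import com.google.crypto.tink.Aead
import com.google.crypto.tink.KeyTemplates
import com.google.crypto.tink.aead.AeadConfig
import com.google.crypto.tink.integration.android.AndroidKeysetManager
import java.io.InputStream
import java.io.OutputStream

// Hypothetical names chosen for this example.
private const val KEYSET_NAME = "datastore_keyset"
private const val KEYSET_PREFS = "datastore_keyset_prefs"
private const val MASTER_KEY_URI = "android-keystore://datastore_master_key"

// Builds an AEAD whose AES-256-GCM keyset is persisted in SharedPreferences
// only in wrapped form, encrypted under a master key held in Android Keystore.
fun buildAead(context: Context): Aead {
    AeadConfig.register()
    return AndroidKeysetManager.Builder()
        .withSharedPref(context.applicationContext, KEYSET_NAME, KEYSET_PREFS)
        .withKeyTemplate(KeyTemplates.get("AES256_GCM"))
        .withMasterKeyUri(MASTER_KEY_URI)
        .build()
        .keysetHandle
        .getPrimitive(Aead::class.java)
}

// DataStore serializer that encrypts the whole payload on write and
// authenticates and decrypts it on read.
class EncryptedStringSerializer(
    private val aead: Aead,
    // Associated data is authenticated with the ciphertext and must match on read.
    private val associatedData: ByteArray = "settings.v1".toByteArray()
) : Serializer<String> {
    override val defaultValue: String = ""

    override suspend fun readFrom(input: InputStream): String {
        val ciphertext = input.readBytes()
        if (ciphertext.isEmpty()) return defaultValue
        // Throws GeneralSecurityException if the file was modified
        // or the keyset can no longer decrypt it.
        return String(aead.decrypt(ciphertext, associatedData), Charsets.UTF_8)
    }

    override suspend fun writeTo(t: String, output: OutputStream) {
        output.write(aead.encrypt(t.toByteArray(Charsets.UTF_8), associatedData))
    }
}
```

Only the wrapped keyset is written to app storage; the master key that unwraps it is generated and kept in Android Keystore, which is the difference from storing the raw 256-bit key next to the ciphertext.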