Keyring for Palm OS

introduction | user's guide | crypto | download | conduits
how to help | thanks | faq | changelog | building from source
plans | pre-release
mailinglists | bugs | suggestions | code contribution
sourceforge project | freshmeat record




Cypherpunks write code. We know that someone has to write software to defend privacy, and since we can't get privacy unless we all do, we're going to write it. We publish our code so that our fellow Cypherpunks may practice and play with it. Our code is free for all to use, worldwide. We don't much care if you don't approve of the software we write. We know that software can't be destroyed and that a widely dispersed system can't be shut down.
-- The Cypherpunk Manifesto

introduction

Keyring for PalmOS lets you securely store secret information on your PalmOS (PalmPilot, Visor, WorkPad) handheld computer. Many people use Keyring for PalmOS to store

Other features include:

a note on naming

This is not an official GNU program. The original name gnukeyring was chosen in 1999 as a token of thanks to the many people who've contributed to the body of free software.

The Free Software Foundation has a policy that software bearing the “GNU” brand should, amongst other things, run on at least one free computer system. PalmOS, though a fine technical achievement, is not free.

As a result, this application has changed its name to Keyring for PalmOS to make this clearer.

security information

Keyring for PalmOS encrypts all data except when it is actually being edited. Everything in it's database is always stored encrypted. It uses 3-DES for encryption, the key is generated from a MD5 hash of your master password.

The master password is not stored in the database. Instead, an MD5 hash of the password and a random 32-bit salt is stored and checked against entered values.

A strong random number generator gathering event entropy is used to generate random passwords.

See the crypto chapter for details.

known weaknesses

If it is possible for an attacker to get the encrypted database he can try a brute-force attack to find the correct password. Keyring for PalmOS provides 112 bits encryption, but that doesn't help if you have a weak master password. An attacker may try all passwords from a dictionary or short letter/digit combinations. With a 1.2 GHz PC he can check roughly 1.5 Million passwords per second. A good password uses at least 8 random letters, digits and punctuation characters. Keyring for PalmOS supports passwords of up to 40 characters. I use a 10 character random password including letters, digits, punctuation and accentuated characters.

Categories and key names are not encrypted. This makes it possible to browse the key database without entering the password. You should be careful not to put sensitive information in the key name. You can for example leave it empty.

PalmOS does not have memory protection between applications: a hostile application or PC-based conduit could read information from inside the Keyring for PalmOS database. Keeping records encrypted provides some protection but a trojan palm application may, for example, record all graffiti strokes to steal your password.

Keyring for PalmOS uses ECB so every 8 byte block is encrypted the same way. This way an attacker can see from the encrypted database which blocks have the same contents. He cannot, however, guess the encryption key from a known plaintext/encrypted pair.

There was a serious bug in version 1.0 that Keyring never removed the cached database key, even when the timeout was long over. It even stored it in a database so it is possible that it was backed up to your PC. You should make sure you use at least version 1.1 and that you don't have a file named "Keys-Gtkr-Temp.pdb" on your PC. It is also a good idea to change your password, if you have used it under Keyring 1.0 before.

You should only Hotsync to trusted computers. It would be possible to (for example) put a program on the PC that grabbed the handheld's memory image, or that installed a trojan onto the handheld. To avoid trojan versions, please download from the official site and check the MD5 checksum and GnuPG signature. My GPG key is available from the PGP key servers:

pub  1024D/7BFE5D13 2007-03-06 Jochen Hoenicke, hoenicke at gmail com
fingerprint = 088F 8EB2 D57A F4D6 4C40  A5EA 90AC 201D 7BFE 5D13
Older packages are signed with my old (now expired) key:
pub  1024D/C230BB64 2002-02-18 Jochen Hoenicke, hoenicke at informatik uni-oldenburg de
fingerprint = E3F9 4C70 3C5D 7AD5 DF84  DA25 B131 2FFD C230 BB64
If you belong to the strong web of trust, you can find a trust path to my key.
Enter your pgp key id here:




SourceForge

Copyright © 1999-2005 by Jochen Hoenicke <hoenicke@users.sourceforge.net> and Martin Pool <mbp@users.sourceforge.net> .
All products or company names may be trademarks of their respective owner.
$Id: index.htp 799 2009-04-16 13:22:29Z hoenicke $