Hello @tpatikirikorala,
You raise a very good question. It's a question I get asked often.
One solution is that you could generate a key from the Keystore then use that key to encrypt the keys generated by lazysodium.
However, using the Keystore has several limitations and gotchas on devices prior to API 23. One limitation is that the Keystore may be wiped when the user changes the device lock mechanism (i.e. if they switch from PIN to a pattern based lock). Another limitation is that the user needs to enter their device's lock screen PIN/pattern/password whenever you access the Keystore. This is impractical if you are doing background work with the Keystore.
Another thing to ask is if an adversary physically possesses your user's device, is the device truly safe? With the huge variety of Android and Android devices, the user may not have full-disk encryption or have a faulty implementation of the Android Keystore. I mean just the other day I was testing an app on an Android smartphone that I bought very cheap. It said that it was API 25 but in reality it was simply modified to display API 25. Thus, I would say if an adversary possesses a user's device, it has already been compromised. Even with other smartphones like the iPhone, Apple said that the iPhones were practically unhackable but someone managed to hack it.
So you have to weigh the pros and cons and approach this with care, sensibility and practicality.
However, let's not be overly pessimistic. In API 28 the Android Keystore has several great improvements including a mandatory HSM; alas, only a few smartphones support API 28 at this time.
What is the best way to store the secret key (private key) in asymmetric encryption on user device?
Since lazysodium creates custom keys without the usage of KeyPairGenerator, it does not look like we can use the Android Keystore to store these custom private keys. https://developer.android.com/training/articles/keystore
If not what is the best option?