I didn't read anything about it, so it's just a consideration from my side, how I would do it:
On Wed, 27 Jun 2012 21:11:00 -0700 (PDT), Earlence <[email protected]> wrote:
> Google states that apps downloaded from play will be encrypted on the
> device.
> I have a few questions:
>
> 1. From the documentation, it seems that the APK will be stored in
> encrypted form in the /data/ partition. If so, does this mean that on
> every execution, a decryption takes place? If so, the key has to be
> retrieved onto the device, probably from the user's gmail account.

ad encryption: yes, or it will be cached. Mostly like this...
I think it will be more like a PKI. Mostly with an asymmetric encryption method like RSA or ECC. So every phone will create its private key, which is stored maybe on the phone or on its Gmail account.

>
> 2. If I change my device, will my apps go away? The docs say device
> specific key. Maybe this is an incorrect term? The key should be
> associated with a key derived from the gmail account?

I don't think so. I think it will be like this: the list of apps you purchased is stored on the Google Play server. So you can encrypt every app for every phone every time.

>
> 3. If the app is encrypted before download to the device, this means 2
> things: a. the key is associated with the gmail account or b. google
> play talks to the device and the key is really stored on the device
> somewhere.

I think they will encrypt with the phone's public key, so only you can encrypt it. So Google Play talks to the PKI and asks for the public key...

>
> Comments/Thoughts?
>
> -Earlence
