Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Can Android's keystore be backed up?

Android supports cloud and local backup of APK files, application data, and so on. Is the device keystore included in the backup?

(I don't think you can extract private keys from an hardware-backed keystore even in rooted devices, not so sure about the software-based version used when there is no hardware support.)

like image 489
Daniel Avatar asked Jan 13 '16 11:01

Daniel


1 Answers

No. The whole point behind the hardware-backed keystore is that it's resistant to even privileged attacks with root access.

For this reason, not even the OS can access raw key material from the hardware-backed keystore.

While it would be theoretically possible for the OS to do a keystore backup on lower end devices with a software-backed keystore, this is simply not done or allowed by the OS for security reasons.

like image 152
Trevor Johns Avatar answered Oct 31 '22 06:10

Trevor Johns