Speaker
Description
While the D-Bus "Secret Service" API is integrated well in the GNOME desktop through gnome-keyring and libsecret, the architecture is getting outdated as flatpak apps come to the fore. One of the biggest problems of the current architecture is that the secrets are not properly isolated per application and that allows one application to request another application's secrets.
To address this, there was an idea proposed at GUADEC 2013: provision applications with a session key through kernel keyring and let the applications locally encrypt their secrets. This approach, however, was still suboptimal, because it requires authentication and access control in kernel keyrings.
In this talk we discuss the threat models taking into account of flatpak based workflow and propose an approach to overcome those by combining the local encryption idea with public-key cryptography, TLS-PSK, and hardware-based security.