KeySafe The platform-independent password safe with external security

Abstract: Storing and accessing sensitive data has become an important task in today’s society. Many different services require login credentials for users to remember in order to authenticate themselves. A common habit is to use the same password for several services. This is considered a security risk since if someone uncovers the user’s password they will gain access to all of the different accounts using the same password. Hence users are encouraged to use different login credentials for different services, resulting in an increasingly large list of sensitive data the user needs to remember. KeySafe provides a password storage service which makes all your digital keys available with the use of physical one. In this project, a platform independent service has been created with an Android application which implements external authentication using NFC tags. Using Google App Engine with the Endpoints API backend the service becomes available to a range of different devices such as iPhone, PC, Tablet or Mac. This resulted in a flexible, secure system that makes it an easy task to use strong and independent passwords for different login-services. All data stored by the application is encrypted using the AES encryption cipher and the AES key needed for decryption is stored on the external NFC tag.