What are Krypton and krd?
Krypton is an iOS and Android application that generates and stores a key pair for use with SSH (Secure Shell) and provides a mechanism to delegate access to the private key to computers running krd. The private key never leaves Krypton. Instead, through a pairing procedure, Krypton creates a channel for krd to send “signature requests” whereby upon a valid request, Krypton cryptographically signs the requested data with the private key and only sends the resulting signature back to krd. This communication channel is encrypted and signed with a session key established during the pairing procedure.
Private Key Storage
On iOS, Krypton by default generates a
4096-bit RSA key pair using the Apple iOS Security framework.
Optionally, Krypton can be asked instead to generate one of the following key types:
Ed25519key pair using libsodium
NIST P-256key pair using the Apple iOS Security framework (introduced in 2.3.0)
4096-bit RSA key pairs, Krypton stores the private key in the iOS Keychain with accessibility level
NIST P-256 key pairs, Krypton generates and stores the private key in the iOS Secure Enclave.
To learn more about the security of Apple cryptography libaries and the Apple iOS Keychain see the iOS Security Guide.
On Android, Krypton generates a
3072-bit RSA key pair (stored in the AndroidKeystore crypto coprocessor) or optionally an
Ed25519 key pair using libsodium (stored in app-private file storage). When the private key is stored in the AndroidKeystore it cannot be extracted, even by Krypton, since the AndroidKeystore performs private key operations as a black box.
What information do we collect?
If analytics are enabled, we collect the following information about usage of the Krypton app:
- App version
- iOS/Android Model, Version, Carrier, ISP
- Frequency of use for each app screen
- Frequency of approval requests
- Type of approval request: manual or automatic
- Latency of krd responses
- Whether a krd request times out
- City (automatically determined by Google Analytics from IP)
- Email addresses (public key labels)
- Types of kr commands run (i.e. kr add, but the name of the server is not recorded)
What information do we NOT collect?
We do NOT collect any properties of your SSH communication. These are examples of things we DO NOT collect:
- Private key
- SSH remote host names
- SSH remote host public keys
- SSH session ids
- SSH User names
- Computer names
How do we collect information?
Disable information collection
Users can disable all information collection by navigating to the Krypton settings page and enabling the “Disable Google Analytics” setting. Krypton WILL report to Google Analytics that analytics have been disabled, but will not report any future events until analytics have been re-enabled by toggling the same setting.
How we use your information
We use your information to improve Krypton’s performance and quality. We use this information to learn which features are being used and how often. We also use this information to detect irregularities. This enables us to modify functionality, diagnose potential bugs, and determine which features to select for product updates. We collect email addresses for the purpose of communicating new features, product updates, and company updates. We will never spam email addresses and provide users with a way to opt out.