Current full disk encryption on mobile devices rely on low entropy passwords like PIN numbers or pattern locks. Being able to use a smartcard with such mobile devices is a tempting idea.
I know that some implementations of smartcards are weak against physical attacks like using acid to recover the key or other side channel attacks.
Do (relatively) cheap smartcards that are resistant to physical attacks that work with mobile devices exist?
The smart card technology you would need certainly exists; SIM cards which can store and use RSA keys in a tamper-resistant way have even been deployed quite some years ago. If the SIM card can use a private key (subject to PIN code authentication) then the key K for disk encryption could be stored outside of the card in encrypted form, and the card be used to decrypt it when needed.
Availability of hardware does not mean that you can have it, now, in your phone. The SIM card you have is the one provided by your phone operator, who may or may not elect to sell you an RSA-able card. Moreover, even if you have such a card, chances are that there is nothing in the phone OS to take advantage of it, in particular in terms of disk encryption. You could potentially have it with a rooted Android phone, provided that you develop the missing pieces (e.g. TrueCrypt can work with smart cards).
An important point is that all of this is about storing the encryption key in a safe place when the device is powered down. However, card I/O being what it is, it would be very impractical to make the card perform all encryption/decryption for disk access; thus, when the phone is powered up, the disk encryption key will be somewhere in the RAM of the device. Mobile phones are normally kept on continuously, and if your phone is stolen, then it will be powered at that time. An industrious attacker may then use a cold boot attack to recover that key directly from the phone RAM.
