1. Download our Official Android App: Forums for Android!

Apps Choose your Android crypto

Discussion in 'Android Development' started by MaryBory, May 23, 2016.

  1. MaryBory

    MaryBory Lurker
    Thread Starter
    Rank:
    None
    Points:
    6
    Posts:
    1
    Joined:
    May 23, 2016

    May 23, 2016
    1
    1
    6
    London
    When building your next app, you might realize that you need to encrypt the data. There are two main reasons for that:
    • transmitting sensitive data to the server and back
    • storing sensitive data
    Even though there is a multitude of tools for that, not all of them are equal. By just taking some random algorithm from javax.crypto and using StackOverflow example to implement it, you will generate results far from desirable. Building your own cryptosystems is hard, and it's very easy to get it wrong.

    So, you need to make your choice consciously. How to do that?

    [​IMG]

    Professor vs developer dilemma

    When designing data protection, what you will end up with is not just 'algorithm' (the good ones are already invented by professionals and delivered to you in any library), but a cryptosystem - a combination of algorithms, storage formats, protocols, etc. Remember about "the goal"?

    Algorithms don't fulfill goals, cryptosystems do. Equally, algorithm weaknesses themselves are not the problem (they could be used in a form, in which their vulnerabilities cannot be exploited), cryptosystem weaknesses are the problem: if they do deliver their guarantees, they're fine, if they don't - they're not.

    And this is the basis on which you might want to choose either professor way tools or the developer way tools.

    You can know more: https://www.cossacklabs.com/choose-android-crypto.html
     

    Advertisement

    ac4android likes this.

Share This Page

Loading...