Android Application Security Essentials by 2013

Author:2013
Language: eng
Format: epub
Publisher: Packt Publishing

Chapter 6. Your Tools – Crypto APIs

To respect user privacy, applications that process sensitive data need to protect this data from prying eyes. Although the Android stack provides layered security architecture with security built in the operating system itself, it is relatively easy to gain root access on the device, thereby compromising the data stored on the device. It is thus important for application developers to be aware of the tools that they can use to securely store data. On the same note, it is important for them to understand how to properly transmit data.

The Android stack provides tools that developers can use to perform tasks such as encryption and decryption, hashing, generating random numbers, and message authentication codes. These tools are the cryptographic APIs provided by various packages in the stack. The javax.crypto package provides capabilities to encrypt and decrypt messages, and generate message authentication codes and key agreement APIs. Random number generation is provided as a utility by the java.util.Random class, and the java.security package provides APIs for hashing, key generation, and certificate management.

In this chapter, we will discuss crypto APIs provided by the Android stack and available to application developers to protect sensitive information. We begin the basic terminology used in cryptography, followed by information on how to find out the security providers available. Next, we will discuss random number generation followed by hashing functions. Asymmetric and symmetric key cryptography and different cipher modes are discussed next followed by message authentication codes.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.