Best Design Approaches for encryption

-
Android features some encryption libraries, which protect data on mobile devices with high level of security. The best security practice is to store all corporate data on servers behind firewalls, which works only when connected to internet. For encryption, we are following symmetric key algorithm between sender and receiver, which is as follows:


  • Sender sends receiver a copy of the secret key.
  • Sender encrypts the plain text and sends to receiver.
  • Receiver decrypts the data using secret key.

Following are some of the best practices to follow while storing encrypted data on mobile. It comes under ‘Good security discipline’ and ‘Software design and development’.

Good security discipline:
  • Never  store plaintext secret key on the device – The secret key should only be generated when the user provides the password, which identifies him.
  • Use  standard security algorithms with standard implementation - For eg; use the same method to check whether a user exists or whether he presents a wrong password.
  • Review the design with a security professional.
Software design and development :
  • Avoid  the use of java String class- String class is immutable, so it is impossible to store information like password, which changes or zero out.
  • Use high  quality key generation algorithm for password based encryption- The UTF 8 key encoding has an effective key space of 1.1 million characters, when compared to theoretical key space equal to 4.2 billion characters. PKCS#5 which has a much higher effective key space is the preferred standard for password encryption.
  • Use unpredictable  initialization vectors- Initialization vector (IV) is a random vector, which makes the encrypted text more random. IV should be changed after a set of messages, because it might become easier for attacker to guess the IV after a series of messages.
  • Do not use  message key indefinitely- Replace the message key after its limit. For eg- after sending 2^48 AES blocks with Chain Block Cipher, the probability of decryption will be higher.
  • The  setSeed() of secure random should only be used to generate predictable runs of testing- Class security.SecureRandom is used to generate cryptographically secure pseudo random numbers. The method setSeed() in the above class causes the instance to return a predictable sequence of numbers. By mistake it is used to generate random sequence of numbers, which should be avoided.    
Using the Advanced Encryption standards in Android

The cryptographic algorithms are organized into five groups: -
  • Ciphers - these  are classic encryption and decryption algorithms
  • Key agreement -  these implement a protocol for two parties to securely exchange a secret key between them, over an insecure channel. 
  • Message Authentication codes -  these are algorithms used to check that a message (file, etc) has not been corrupted or changed. 
  • Message digests - these are hash functions that offer a "fingerprint" of a document. These are frequently used as the basis of a message authentication code.  
  • Signatures -  these are algorithms that authenticate the origin of a file or message. Google requires that all apk files in the Google Play store are signed by a code that is unique to each developer. Thus each app in Google Play can be traced to the developer who put it there.
  • Description of AES


          AES is a symmetric key algorithm, which takes the same key for encryption and decryption. AES comes with key sizes of 128, 192 and 256 bits.  The larger the key, more secure is the cipher. The whole algorithm includes 3 steps- Key generation, encryption and decryption.

    Key generation

       - Creating a key specification object - used to hold all configuration parameters which includes human- friendly passwords, a salt (random number to make it more difficult for attacker), number of iterations of hashing object and length of secret key.
        -  Get a SecretKeyFactory object -  It tells the factory object which algorithm to use when     we generate the secret keys.
        -   Generate the secret key- It is done using the generateSecret method in the factory, and   passing the PBE key specification.
        - Create a second secret key spec- Using the raw bytes from the secret key and associate that spec with the AES algorithm.

     Encryption

    - Get an instance of the cipher, specifying the mode and padding.
    - Initialize the cipher, and a randomly chosen initialization vector. Use a different initialization vector for each message, if the initialization vector is send in plaintext along with an encrypted message.
    - Call update, passing in a byte array that holds one or more blocks of input plaintext.
    - Call dofinal, passing in one or more blocks of input ending with the final block.

     Decryption

     - Get an instance of the cipher.
    Initialize it for decrypting with the same secret key and the same IV.
     doFinal(), since we have all the blocks.











Comments

Post a Comment

Popular posts from this blog

Difference between "diff" and "sdiff" commands in Unix

-
Image
Hi everyone, in this blog post, I will be discussing about the difference between "diff" and "sdiff" commands in Unix. This is my first post about Unix. diff command diff command will compare two files and prints the difference between the 2 files. The format of diff command is diff file1 file2 . sdiff command sdiff command will compare two files side by side. The format of sdiff command is sdiff file1 file2. The contents of files are displayed side by side with a marker denoting the difference between each files. Some of the important markers used in sdiff are as follows: | - denotes the 2 files differ in the line completely. < - only the first file contains the line. > - only the second file contains the line. The better way to depict the difference is by showing examples. Here, I am comparing 2 files which are named as " ipl_teams_2008.txt " and " ipl_teams_2015.txt ". Let's see the contents of the files.
Read more

Anonymous classes in C++

-
Anonymous Classes in C++ Anonymous class is a class with no name. The main advantage of using an anonymous class is that it provides reusability of the class. Also anonymous class helps in encapsulation of data. Anonymous class is basically used when only one instance of the class is needed and it has only a short body. By defining an anonymous class, it does the same steps of defining a local class and instantiating it. The anonymous class is rightly used after it is defined. Following specifies an example of anonymous class in C++. class { int a; } c1; Here, c1 is an object of the anonymous class. Usually, anonymous classes in C++ are defined using "typedef" ( a keyword to assign alternative names to existing types). Typedef helps in giving another name to the class. It is shown as below: typedef class { int a; } newclass; newclass c2; Here newclass is the object of the anonymous class and c2 is its instance. Member variables can also be initialized in ano
Read more