[guardian-dev] Introducing Conceal: Efficient storage encryption for Android

Josh Steiner josh at vitriolix.com
Wed Feb 5 04:08:36 EST 2014


Anyone tried this yet?

https://code.facebook.com/posts/1419122541659395/introducing-conceal-efficient-storage-encryption-for-android/

Caching and storage are tricky problems for mobile developers because
they directly impact performance and data usage on a mobile device.
Caching helps developers speed up their apps and reduce network costs
for the device owner by storing information directly on the phone for
later access. However, internal storage capacity on Android phones is
often limited, especially with lower to mid range phone models. A
common solution for Android is to store some data on an expandable SD
card to mitigate the storage cost. What many people don't realize is
that Android's privacy model treats the SD card storage as a publicly
accessible directory. This allows data to be read by any app (with the
right permissions). Thus, external storage is normally not a good
place to store private information.

We saw an opportunity to do things better and decided to encrypt the
private data that we stored on the SD card so that it would not be
accessible to other apps. To do this efficiently, we built Conceal, a
set of Java APIs to perform cryptography on Android and make storage
more secure and lightweight. We created Conceal to be small and faster
than existing Java crypto libraries on Android while using memory
responsibly.

...


More information about the Guardian-dev mailing list