Chapter 6. Your Tools – Crypto APIs
To respect user privacy, applications that process sensitive data need to protect this data from prying eyes. Although the Android stack provides layered security architecture with security built in the operating system itself, it is relatively easy to gain root access on the device, thereby compromising the data stored on the device. It is thus important for application developers to be aware of the tools that they can use to securely store data. On the same note, it is important for them to understand how to properly transmit data.
The Android stack provides tools that developers can use to perform tasks such as encryption and decryption, hashing, generating random numbers, and message authentication codes. These tools are the cryptographic APIs provided by various packages in the stack. The javax.crypto package provides capabilities to encrypt and decrypt messages, and generate message authentication codes and key agreement APIs. Random...
