AES256PasswordBasedEncryption-Decryption
A library that lets you use AES 256 password-based encryption/decryption in your Android application in the easiest manner.
Example Android application on the play store: https://play.google.com/store/apps/details?id=aes.secureencryptdecrypt
To get this project into your build:
- Add the specific repository to your build file:
    repositories {
        maven {
            url "https://jitpack.io"
        }
    }
- Add the dependency in your build file:
    dependencies {
        // Gradle 7+ removed the 'compile' configuration; use 'implementation' there
        compile 'com.github.rishelarora:AES256PasswordBasedEncryption-Decryption:717dccc0ec'
    }
USAGE:
- Initialise a SecureMyText object with the following syntax:
    // password: the String password used for encryption
    SecureMyText secure = new SecureMyText(context, password);
- Use the created object to perform encryption.
  This is just to see the encrypted text. Do not send this to the server: the final text to be sent needs to contain the salt and IV for that instance of communication to be successful.
    // plainText: the string to be encrypted
    String encrypted_text = secure.encrypt(plainText);
- To get the final encrypted text, containing the salt and IV, that is to be transferred, send the following string to the server:
    // plainText: the string to be encrypted
    String encrypted_text_to_be_transferred = secure.EncryptToFinalTransferText(plainText);
A potential hacker now needs to obtain the salt, IV, your initial text password and the number of iterations to decrypt this text. Even if he/she succeeds, the salt and IV are randomised again for the next attempt, and the other 2 parameters can be changed on both server and client sides, so it doesn't compromise the whole system. Since the salt and IV are contained in the transferred text itself, the password is the value that has to stay secret.
- For decrypting, initialisation remains the same:
    // encryptedText: the string to be decrypted
    String plain_text = secure.decrypt(encryptedText);
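The usage steps above say that the final transfer text carries the salt and IV and that both are randomised again for each message. The following is an added example in plain Java, not the library's own code, showing one way such a transfer text can be built and parsed. It assumes PBKDF2-HMAC-SHA256, AES-256-GCM and a Base64(salt || IV || ciphertext) layout; the class name, method names, constants and layout are hypothetical, and the library's actual algorithms and format may differ.

```java
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.*;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;

public class PbeTransferExample {
    // Assumed parameters (not taken from the library); client and server must agree on them.
    static final int ITERATIONS = 100_000, SALT_LEN = 16, IV_LEN = 12, TAG_BITS = 128, HEADER = SALT_LEN + IV_LEN;

    static SecretKeySpec deriveKey(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, 256); // 256-bit AES key
        SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
        return new SecretKeySpec(f.generateSecret(spec).getEncoded(), "AES");
    }

    // Returns Base64(salt || IV || ciphertext+tag); salt and IV are fresh for every message.
    static String encryptToTransferText(char[] password, String plainText) throws Exception {
        byte[] salt = new byte[SALT_LEN], iv = new byte[IV_LEN];
        SecureRandom rng = new SecureRandom();
        rng.nextBytes(salt);
        rng.nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, deriveKey(password, salt), new GCMParameterSpec(TAG_BITS, iv));
        byte[] ct = c.doFinal(plainText.getBytes(StandardCharsets.UTF_8));
        ByteBuffer out = ByteBuffer.allocate(HEADER + ct.length).put(salt).put(iv).put(ct);
        return Base64.getEncoder().encodeToString(out.array());
    }

    // Splits the transfer text back into salt, IV and ciphertext, then decrypts.
    static String decryptTransferText(char[] password, String transferText) throws Exception {
        byte[] in = Base64.getDecoder().decode(transferText);
        if (in.length < HEADER + TAG_BITS / 8) throw new IllegalArgumentException("transfer text too short");
        byte[] salt = Arrays.copyOfRange(in, 0, SALT_LEN), iv = Arrays.copyOfRange(in, SALT_LEN, HEADER);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, deriveKey(password, salt), new GCMParameterSpec(TAG_BITS, iv));
        // doFinal throws AEADBadTagException on a wrong password or a modified transfer text
        return new String(c.doFinal(in, HEADER, in.length - HEADER), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        char[] pw = "constructed-sample-password".toCharArray(); // constructed sample value
        String a = encryptToTransferText(pw, "hello server"), b = encryptToTransferText(pw, "hello server");
        if (a.equals(b)) throw new AssertionError("salt/IV must differ per message");
        if (!decryptTransferText(pw, a).equals("hello server")) throw new AssertionError("round trip failed");
    }
}
```

On Android, `java.util.Base64` and the `PBKDF2WithHmacSHA256` key factory require API level 26 or later.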
For more details, look into the SecureText class. The sample folder has an Android application that shows a sample implementation of the encryption/decryption. An explanation of the whole encryption and decryption process, taking the example of app-to-server communication, with notes and flow diagrams, is attached.
Happy securing!