Learning Objectives
- Students learn cryptography basics (concepts, algorithms, techniques, implementation, and evaluation) for mobile apps.
- Students learn basic cryptography implementation for Android mobile security.
All important data on mobile devices must be protected with encryption to prevent sensitive personal data leakage and enterprise data loss in case of device loss and malicious attacks. This module introduces the common public key encryption algorithms and practice for Android platform.
- Encryption is a translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text ; encrypted data is referred to as cipher text. There are two main types of encryption: asymmetric encryption (also called public-key encryption) and symmetric encryption (also called private-key encryption). Asymmetric encryption relies on the mathematical difficulty in solving modulus for big numbers, so for asymmetric encryption it is more time consuming. Symmetric encryption, on the other hand, is less time consuming since a secret key is shared by the sender and the receiver. For this reason, asymmetric encryption is often used for transmitting the shared secret key. After the secret key has been securely shared by the two parties, the symmetric encryption will be used for the rest of the conversation.
- Decryption is the reverse process of encryption which finally gives user back the original plain text. In the process of decryption, the decryption algorithm uses a private key (in public-key encryption infrastructure) or a secret key (in private-key encryption infrastructure) translating the data from cipher text into human readable plain text.
Encryption & Decryption algorithms
- Encryption algorithm is a mathematical procedure for performing encryption on data. Through the use of an algorithm, information is made into meaningless cipher text. RSA is a widely used public-key encryption algorithm. AES is a well-known private-key encryption algorithm.
- Decryption algorithm is a reverse mathematical procedure for a specified encryption algorithm, such as RSA & AES. Decryption algorithm requires the use of a key to transform cipher text back into plain text.
Basics for RSA Encryption Algorithm
Asymmetric encryption infrastructure (or the so-called public key encryption) requires two distinct keys for both encryption and decryption. It may be confused for a new learner in cryptography. In this section we will give you a brief notion of a widely-used public-key encryption algorithm, the RSA Encryption Algorithm.
- Choose p and q, n = pq, where p and q are distinct primes.
- Compute φ = (p-1)(q-1) .
- Choose a public exponent e, 1 < e < φ(n), which is co-prime to φ(n), that is, gcd(e, φ(n))=1.
- Determine d = e-1 mod φ(n) which also means solve for d given (d*e)mod φ(n) = 1.
- Make the public key (n, e) available to others. Keep the modulus n and the exponent d as secret.
- When encrypt, use the formula: ciphertext c = me mod n, 1 < m < n-1.
- When decrypt, use the formula: plaintext m = cd mod n.
Basics for AES Encryption Algorithm
AES (Advanced Encryption Standard) is a well-known symmetric encryption algorithm standardized by U.S. government. In AES, the same key is used in both encryption and decryption. AES encrypt plain text in blocks. It treats each block with several different processing steps, including non-linear substitution, row transposition, column mixing and so on.