Reputation: 51
I need to develop an Android application where encryption/decryption is done on the client side. The data that is transported and stored on the server MUST be encrypted. The problem is that I cannot store the encryption/decryption key anywhere.
The keys cannot be stored on the client machine, because the admins (or someone who can access the server) should not have access to the unencrypted data.
How do I generate keys then? Can you suggest some method?
Upvotes: 4
Views: 1468
Reputation: 5076
I'll assume that when you say the encryption keys should not be stored in the device, you really mean it :-) Because if that restriction were not there, you could use the KeyStore. However, this will mean the keys are stored on the device, which seems not to be what you want.
So, assuming the encryption keys are external to the device, it's somewhat straightforward as there is not much room for choice: your client app asks the user to input the encryption key in some fashion (up to you), which it uses to encrypt the data, and then forgets the encryption key immediately.
Then it sends the encrypted data to the server, where it is stored. The server does not know the encryption keys so to the server it's just an opaque blob of data.
When the user wants to retrieve the data, they have to provide the decryption key on the spot, since it's not stored on the device.
Upvotes: 3
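The flow described in the answer above, as an added example that is not part of the original answer. It assumes the "key" the user types is a passphrase, stretched with PBKDF2 and used with AES-GCM; the class name `PassphraseBox`, the `salt || iv || ciphertext` blob layout and the iteration count are assumptions, not something the answer specifies.

```java
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.*;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;

public class PassphraseBox { // hypothetical helper, not an Android or library API
    private static final int SALT_LEN = 16, IV_LEN = 12, TAG_BITS = 128;
    private static final int ITERATIONS = 600_000; // assumed work factor; tune for the target devices
    // Derive a 256-bit AES key from the passphrase; wipe the intermediate copies (best effort on a JVM).
    private static SecretKeySpec deriveKey(char[] passphrase, byte[] salt) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(passphrase, salt, ITERATIONS, 256);
        try {
            byte[] raw = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
            SecretKeySpec key = new SecretKeySpec(raw, "AES"); // copies raw, so raw can be zeroed
            Arrays.fill(raw, (byte) 0);
            return key;
        } finally {
            spec.clearPassword();
        }
    }
    // Returns salt || iv || ciphertext+tag: the opaque blob the server stores. Nothing secret is in it.
    static byte[] encrypt(char[] passphrase, byte[] plaintext) throws GeneralSecurityException {
        byte[] head = new byte[SALT_LEN + IV_LEN]; // fresh random salt and IV for every message
        new SecureRandom().nextBytes(head);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, deriveKey(passphrase, Arrays.copyOf(head, SALT_LEN)),
               new GCMParameterSpec(TAG_BITS, head, SALT_LEN, IV_LEN));
        byte[] ct = c.doFinal(plaintext);
        return ByteBuffer.allocate(head.length + ct.length).put(head).put(ct).array();
    }
    // Throws AEADBadTagException if the passphrase is wrong or the blob was modified in transit or at rest.
    static byte[] decrypt(char[] passphrase, byte[] blob) throws GeneralSecurityException {
        int head = SALT_LEN + IV_LEN;
        if (blob.length < head + TAG_BITS / 8) throw new GeneralSecurityException("blob too short");
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, deriveKey(passphrase, Arrays.copyOf(blob, SALT_LEN)),
               new GCMParameterSpec(TAG_BITS, blob, SALT_LEN, IV_LEN));
        return c.doFinal(blob, head, blob.length - head);
    }
    public static void main(String[] args) throws Exception {
        char[] pass = "correct horse battery staple".toCharArray(); // constructed sample input
        byte[] blob = encrypt(pass, "constructed sample record".getBytes(StandardCharsets.UTF_8));
        System.out.println(new String(decrypt(pass, blob), StandardCharsets.UTF_8));
        Arrays.fill(pass, '\0'); // forget the passphrase as soon as the operation is done
    }
}
```

Read the passphrase into a `char[]` rather than a `String` so it can be overwritten after use. The strength of the scheme rests on the passphrase, since anyone holding the blob can attempt offline guesses against it.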