[Owasp-leaders] Mobile Encryption

Yiannis Pavlosoglou yiannis at owasp.org
Fri Dec 28 21:40:29 UTC 2012


Hi Ala'a,

Have a look at https://www.owasp.org/images/5/56/OWASP_ChapterMeeting_SqlCipher-2012.pdf

Maybe sqlcipher is a good fit to build your protocol on!

Thank you,

Yiannis 

Sent from my iPad

On Dec 27, 2012, at 10:33 AM, "Ala'a Mubaied" <alaa.mubaied at owasp.org> wrote:

> Hey Leaders
> 
> I am working with the mobile application team on designing the One Sync Solutions for all devices. The biggest challenge here is how to store the user data in the client side.
> 
> Basically, the idea is to encrypt the data in the client side by assigning a secret to each user, and the secret is stored in the server side only. Whenever the client application read the local storage, it requires to get the secret key from the server by user authentication through https connection. But there are 2 questions in my mind
> In this case, we cannot provide the offline access of the user data
> The secret is still stored in the memory of the application
> Team, any similar use case encounter before?
> 
> Thanks and Regards,
> 
> Ala'a
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20121228/f89eb420/attachment.html>


More information about the OWASP-Leaders mailing list