[Owasp-leaders] Mobile Encryption
yiannis at owasp.org
Fri Dec 28 21:40:29 UTC 2012
Have a look at https://www.owasp.org/images/5/56/OWASP_ChapterMeeting_SqlCipher-2012.pdf
Maybe sqlcipher is a good fit to build your protocol on!
Sent from my iPad
On Dec 27, 2012, at 10:33 AM, "Ala'a Mubaied" <alaa.mubaied at owasp.org> wrote:
> Hey Leaders
> I am working with the mobile application team on designing the One Sync Solutions for all devices. The biggest challenge here is how to store the user data in the client side.
> Basically, the idea is to encrypt the data in the client side by assigning a secret to each user, and the secret is stored in the server side only. Whenever the client application read the local storage, it requires to get the secret key from the server by user authentication through https connection. But there are 2 questions in my mind
> In this case, we cannot provide the offline access of the user data
> The secret is still stored in the memory of the application
> Team, any similar use case encounter before?
> Thanks and Regards,
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders