Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Shlomo_H_
Beginner
43 Views

How does the App Security API encrypt data?

Jump to solution

The App Security API seems to make it very easy to encrypt data in hybrid HTML5 apps, but the documentation doesn't give much data on how it works:

The confidentiality and integrity of the sealed chunk is protected by encryption and signing. You do not need to deal with encryption, signing, or key management; the App Security API does this for you.

What encryption algorithm is used? What key is used (when not providing an 'extraKey')?

Thank you.

Tags (2)
0 Kudos
1 Solution
Dan_S_Intel
Employee
43 Views

Hi Shlomo,

The encryption-decryption of the data in App Security API is done using AES-GCM algorithm.

The AES-GCM key is derived from device specific attributes (hardware and software) along with an extra key (if provided during createFromData api).

Thanks,

Dan.

View solution in original post

2 Replies
PaulF_IntelCorp
Employee
43 Views

Shlomo -- I'll ask one of the experts on that API to respond. --Paul

Dan_S_Intel
Employee
44 Views

Hi Shlomo,

The encryption-decryption of the data in App Security API is done using AES-GCM algorithm.

The AES-GCM key is derived from device specific attributes (hardware and software) along with an extra key (if provided during createFromData api).

Thanks,

Dan.

View solution in original post

Reply