1

I'm working on an Android project that utilizes Couchbase-Lite (1.1.0) and the requirements are that all data (the documents themselves and any Couchbase attachments) is encrypted prior to storage.

I had originally envisioned encrypting the entire database file using something like SQLCipher, but I haven't been able to find a straightforward implementation for that (I know that the Couchbase-Lite implementation for iOS uses this approach, but the Android build is a bit behind), so instead my plan is to encrypt the documents (the JSON representation) and the attachments (the stream) before saving them into Couchbase-Lite database.

My questions: What are the recommendations for this kind of encryption? What methodology / libraries? I assume AES-256, but should I build it myself or utilize a 3rd party library (any suggestions)?

What's the best way to maintain a passphrase within the device that is more secure than hardcoding it within the app (which is really, really bad)?

Has anyone seen something similar to this (my googling ability has left me high and dry) that could point me to a similar use case?

Thanks!

user3059309
  • 61
  • 4
  • [Hiding keys in Android could be a little complicated](http://stackoverflow.com/questions/28609526/store-client-secret-securely), I'm afraid... – jmm Jul 02 '15 at 22:34

1 Answers1

0

Use an existing AES library. Either use CBC mode with an HMAC to check authenticity, or a self-checking mode like GCM. Not all libraries have GCM since it is more recent.

Write the passphrase on a piece of paper and keep it in a locked drawer. That is unhackable. Type it in when needed. Clear the memory immediately after you have finished using it. Alternatively, keep it on a memory stick, and lock that in the drawer. You will still need to clear the memory. Change the passphrase regularly. Yes, this does mean decrypting the entire database with the old key and re-encrypting with the new key. Allow time in your daily/weekly/monthly/whatever schedule to do this. Just before a backup is good. Keep the old passphrase securely offline, in a safe perhaps, in case you need to rederive the key to recover an old backup.

Look at a good Key Derivation Function like HKDF (from RFC 5869) to derive the actual key from your passphrase.

This is crypto, and it is complex. It has all been done before, so you need to stick to tried and tested methods.

rossum
  • 15,344
  • 1
  • 24
  • 38