-1

I have a mobile application generated by codename one, so it is going to work on all mobiles. Its a Client-Server application. I have to store credit card info and some other private info. I think for Encryption Rijndael would be the best. i have used MD5 before but now a days i think it is old

I don't know how to do that any help..?? How can i Encrypt the information on mobile app it self and then send that to server ..?? Or is there any other Encryption method better than Rijndael ..??

Sumit Jain
  • 87
  • 9

3 Answers3

1

MD5 is not an encryption method, it's a hash function. Rijndael (a.k.a. AES) is supported out of the box in Java, although there might be some restrictions on the key size.

As a side note, I'm a bit worried that you would be handling credit card information, with a lacking knowledge about security.

Kayaman
  • 72,141
  • 5
  • 83
  • 121
  • 1
    Thanks for your response, and i know uses of **MD5**. I got things mixed up sorry for that. And I am really working hard to understand the encryption and security besides this is just a test application and it would be reviewed by my mentor. I just want to do it perfect. – Sumit Jain Nov 25 '14 at 06:58
  • Well, see the javax.crypto package for a start. – Kayaman Nov 25 '14 at 07:27
  • Encryption and attacking it is an ongoing battle. The non-solutions of today may have been valid in their time (quite a lot never were). Even tomorrow's perfect solution will have a limited window of validity. That said, I'd expect state-of-the-art encryption to be the least vulnerable part of a credit card system. – greybeard Nov 25 '14 at 08:56
  • Well, the issue here is two-fold. You can already use SSL to transmit the data to a server in a secure fashion, without having to encrypt anything yourself. However if you're storing the data somewhere, it should be at least encrypted separately. Preferably it shouldn't be stored in a place (such as your phone) where an attacker can gain access to it. – Kayaman Nov 25 '14 at 08:59
  • Rijndael isn't AES, it's a superset. Some people get bitten by that, using Rijndael features not supported by AES and having interoperability issues. – Bruno Rohée Nov 27 '14 at 05:11
0

There are lots of algorithms that are sometime better than Rijndael and sometimes worst, it is up to your need to decide what encryption you need.

By the way as you asked about how to encrypt you can see this link about how to implement algorithm, and you can it implement it in almost every languages like this :

Java

Objective C

C++

And almost any language that you want.

Lrrr
  • 4,755
  • 5
  • 41
  • 63
0

To user cryptographic algorithms in Codename One (hashing, encryption etc.) you can use the bouncy castle cn1lib: http://www.codenameone.com/blog/bouncy-castle-crypto-api

See the full list of 3rd party libraries for Codename One here.

Shai Almog
  • 51,749
  • 5
  • 35
  • 65