-1

I have to ensure media (Pictures,video and audio)taken by my application is encrypted and not visible outside the scope of the application. To this end I am not sure if I should use AES encryption or Libsodium. From forums this two methods are both receiving good press, so which method is strongest and most efficient in terms of memory needs,speed and overall security.

Secondly in an offline scenario where an application does not have any Internet connectivity which is the safest way to manage encryption keys?

James Wahome
  • 588
  • 11
  • 31
  • An aside: If you need a heart transplant do you go to a podiatrist or a heart surgeon, both are board certified doctors. In analogy the talented programmer is the podiatrist, the cryptographic domain expert is the heart surgeon. Pick one. – zaph Feb 15 '16 at 15:01
  • I get the the analogy :-) – James Wahome Feb 15 '16 at 15:19

1 Answers1

1

Libsodium is a well regarded library, AES (Advanced Encryption Standard ) is a well secure encryption algorithm, they are not the same kind of thing.

Libsodium provides AES in GCM mode which is quite good as it includes authentication.

The problem with Libsodium is that is has limited algorithms available so interoperability is low.

Safety is largely a matter of how secure your implementation is, any bugs or misuse in encryption break the security.

Define who you are protecting from, ranging from an inquisitive teen to a well funded government and design the security to meet the level you need.

Managing keys is a very difficult problem. On an phone were is usually some form of key repository and that is probably the best you can do. But that relies on the user having a good passcode.

If you want a very secure system pay to have your scheme and code reviewed by a cryptographic domain expert.

Update:
The only secure key management is not to have the key on the device; per my SME (Subject Matter Expert). Require the user enter the passphrase on each invocation of the app and make sure the app is closed after each use. Then you will need to add code to rate limit access attempts with possible exponential back-off delays. Finally the user will have to have a really good passphrase.

zaph
  • 111,848
  • 21
  • 189
  • 228
  • Thanks Zaph, from what I gather in your comment the fact that libsodium uses AES in GCM mode makes it safer,for the encryption my main objective is to protect it from a well funded Govt kind of scenario. For key management kindly advice on the strength of using the phones key repository for key management within the app – James Wahome Feb 15 '16 at 15:18
  • See answer update. You need to define the attacker, their motivation, capabilities and how much time and money they are willing to spend. If you are protecting from a WFG (well funded Government) there is little hope. Along these lines there is an issue of what kind of thing would prompt a WFG to provide the substantial resources to become involved, my "Despicable SME' guesses something substantially illegal. – zaph Feb 15 '16 at 16:06
  • 1
    From [*CRYPTO-GRAM](https://www.schneier.com/crypto-gram/archives/2016/0215.html):, February 15, 2016* "If a sufficiently skilled, funded, and motivated attacker wants in to your computer, they're in. If they're not, it's because you're not high enough on their priority list to bother with." – zaph Feb 15 '16 at 16:39
  • As per your update, in an environment where media being collected is used for whistle blowing for example then the media needs to be as secure as possible to prevent the WFG from getting the media. As for the passphrases I have implemented that as well as automatic logouts when app is idle. The biggest issue I have now is an effective key management for an offline scenario – James Wahome Feb 15 '16 at 16:42
  • 1. Add rate limiting to the passphrase entry, preferably with exponential back off. 2. For key management on a server, you need to add a HSM (Hardware Security Module). – zaph Feb 15 '16 at 19:07