-2

I am using PHP WebService to send my data to server. Somehow my data is too much important and for the same I have to use some encryption algorithm to send my data to webservice. And then webservice has to decrypt that data and further proceed. Same way, when WebService sends a response, response should be encrypted and from client side it would be decypted.

Can anyone suggest me what algorithm or what method I should implement for the above issue?

Mat
  • 202,337
  • 40
  • 393
  • 406
Nirav Bhandari
  • 4,550
  • 6
  • 32
  • 59
  • Searching this site returned lots of results: http://stackoverflow.com/questions/4816771/android-encryption -- the first one with an accepted answer has code – kdgregory Nov 15 '11 at 22:50

2 Answers2

1

Here is an snippet to comunicate with PHP servers.. it should be much difference with any other language.

Also, you must also find the way to obfuscate the key as much as you can on your android apk can be "extracted" by someone with malicious intentions and look up for the encryption key.

SERPRO
  • 10,015
  • 8
  • 46
  • 63
  • Following that model will lead to every instance of the application using the same key. That's only suitable if you don't plan to distribute the application. – David Schwartz Nov 14 '11 at 10:27
  • As I say, it's not the most secure way, but I does encrypt the data between the application and the webserver.. – SERPRO Nov 14 '11 at 10:28
1

You should use TLS (also known as SSL).

David Schwartz
  • 179,497
  • 17
  • 214
  • 278