Facebook has released to open source its Conceal Java crypto libraries for Android devices.
Conceal, according to Facebook, offers developers a lightweight and efficient crypto library. The social media giant developed Conceal to handle encryption of storage on removable SD cards, something that has a negative performance impact on mobile devices, the company said. SD card storage also isn’t the ideal security solution because Android treats SD cards as a publicly accessible directory that any mobile app can read if granted appropriate permissions.
“We saw an opportunity to do things better and decided to encrypt the private data that we stored on the SD card so that it would not be accessible to other apps,” Facebook said in a post. “We created Conceal to be small and faster than existing Java crypto libraries on Android while using memory responsibly.”
Conceal, however, isn’t flexible. It gives developers only default options, rather than the gamut of encryption algorithms other libraries provide.
“We think this makes sense because encryption can be very tricky to get right,” Facebook said.
Developers will see that Conceal has been released under a BSD license that allows it to be modified. Facebook has built Conceal using parts of the OpenSSL crypto library to keep the file sizes down to a minimum, rather than shipping the whole OpenSSL library.
“We believe providing a smaller library will reduce the friction of adopting state of the art encryption algorithms, make it easier to handle different Android platform versions, and enable us to quickly incorporate fixes for any security vulnerabilities in OpenSSL as well,” Facebook said.
“As is true with many crypto libraries, higher-level wrappers that can offer sane cipher suites and modes are extremely valuable to the developer community,” said Jon Oberheide, CTO at Duo Security. “Developers aren’t (and shouldn’t be) experts in cryptography, so preventing them from shooting themselves in the foot with libraries like Conceal is a very welcome development and boost for mobile app security.”
Conceal uses a mode of the AES encryption standard known as AES-GCM which, in addition to encrypting data, simultaneously computes a message authentication code (MAC) of the data. Android devices are limited in capability by their hardware, making separate AES and MAC computation inefficient, Facebook said, adding that commonly AES is used to encrypt data and then a MAC, using the HMAC algorithm for example, is computed over that data.
“We found that computing an HMAC takes significant time in the encryption of data,” Facebook said in explaining its decision to go with AES-GCM.
Facebook said that Conceal’s abstraction also gets around known vulnerabilities in the Android random number generator.
“Specifically, Conceal provides default implementations of key management and stores the key in private SharedPreferences by default,” Facebook said. “It also performs authenticated versioning of the encryption libraries so that if we change the encryption algorithms we use in the future, we can retain both compatibility with previously encrypted data and resistance against cross version attacks.”
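An added example, not Conceal's code or API: the single-pass AES-GCM encryption and the authenticated versioning described above, sketched with the standard javax.crypto classes. The class name, version numbers and blob layout are assumptions made for illustration.

```java
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;

public class GcmVersionedDemo {
    // Hypothetical format versions; a real reader would pick its algorithm from this byte.
    static final byte VERSION = 2, OLDEST_SUPPORTED = 1;
    static final int IV_LEN = 12, TAG_BITS = 128;

    // Blob layout assumed for this example: version || IV || ciphertext+tag
    static byte[] seal(SecretKey key, byte[] plain) throws Exception {
        byte[] iv = new byte[IV_LEN];
        new SecureRandom().nextBytes(iv);            // fresh IV for every message
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        c.updateAAD(new byte[] { VERSION });         // version is authenticated, not encrypted
        byte[] ct = c.doFinal(plain);                // one pass: ciphertext with tag appended
        byte[] out = new byte[1 + IV_LEN + ct.length];
        out[0] = VERSION;
        System.arraycopy(iv, 0, out, 1, IV_LEN);
        System.arraycopy(ct, 0, out, 1 + IV_LEN, ct.length);
        return out;
    }

    static byte[] open(SecretKey key, byte[] blob) throws Exception {
        if (blob.length < 1 + IV_LEN + TAG_BITS / 8
                || blob[0] < OLDEST_SUPPORTED || blob[0] > VERSION)
            throw new IllegalArgumentException("unsupported or truncated blob");
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, blob, 1, IV_LEN));
        c.updateAAD(blob, 0, 1);                     // the claimed version must match the tag
        return c.doFinal(blob, 1 + IV_LEN, blob.length - 1 - IV_LEN); // throws on bad tag
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey key = kg.generateKey();
        byte[] blob = seal(key, "constructed sample data".getBytes(StandardCharsets.UTF_8));
        System.out.println(new String(open(key, blob), StandardCharsets.UTF_8));

        byte[] relabeled = blob.clone();
        relabeled[0] = OLDEST_SUPPORTED;             // relabel the blob as an older format
        try { open(key, relabeled); System.out.println("relabel accepted"); }
        catch (AEADBadTagException e) { System.out.println("relabel rejected"); }
    }
}
```

Because the version byte is fed to GCM as associated data, changing it invalidates the tag even though the byte itself is stored in the clear.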