My $.02 is to pick an established protocol, not just an algorithm. In some cases, it is possible to use an algorithm in such a way that you end up having less security that you think you're getting.
On Thu, Sep 2, 2010 at 3:55 PM, Chris Palmer <[email protected]> wrote: >> Can you tell me a good library for password en/decryption which works >> on android and google app engine. I have to send an encrypted string >> via webservices between android and gae. > > I don't know anything about App Engine, but in one minute I was able > to find out that it has PyCrypto: > > http://code.google.com/appengine/docs/python/tools/libraries.html#PyCrypto > > Android has Bouncy Castle and OpenSSL, as you know. > > In theory, as long as both sides use compatible/standard padding and > formatting, they should be able to communicate with each other. Most > crypto libraries support a bunch of basic algorithms, such as HMAC, > RSA, and AES, so you should be good there. > > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
