Conceal

Conceal

Fast cryptographic operations for Android

Conceal provides a set of easy to use APIs for performing fast encryption and authentication of data. Apps can use Conceal to encrypt data and large files stored in public locations, for example SD cards.

Github

About

Conceal provides a set of Java APIs to perform cryptography on Android. It was designed to be able to encrypt large files on disk in a fast and memory efficient manner. The major target for this project is typical Android devices which run old Android versions, have low memory and slower processors.

Unlike other libraries, which provide a Smorgasbord of encryption algorithms and options, Conceal prefers to abstract this choice and use sane defaults. Thus Conceal is not a general purpose crypto library, however it aims to provide useful functionality.

Speed

Reading Encrypted Data

Write Encrypted Data

Mac Data

The figures show benchmarks run on the Galaxy Y phone.

Conceal doesn't implement any crypto, but instead, it uses specific cryptographics algorithms from OpenSSL. Conceal attempts to manage memory efficiently between the native and Java heap. Conceal also uses fast modes like AES-GCM and HMAC-SHA1 by default.

OpenSSL is a very large library, and would increase the size of apps. Conceal ships with only a select number of encryption algorithms from OpenSSL which make it much smaller (85KB). More details in the FAQ.

Using Conceal

// Creates a new Crypto object with default implementations of 
// a key chain as well as native library.
Crypto crypto = new Crypto(
  new SharedPrefsBackedKeyChain(context),
  new SystemNativeCryptoLibrary());

FileOutputStream fileStream = new FileOutputStream(file);

// Creates an output stream which encrypts the data as
// it is written to it and writes it out to the file.
OutputStream outputStream = crypto.getCipherOutputStream(
  fileStream,
  entity);

// Write plaintext to it.
outputStream.write(plainText);
outputStream.close();

Download

Conceal can be built using Buck.

Download Conceal Java Library
Download Conceal Native Libraries
View on Github

Who uses Conceal?

Facebook currently uses Conceal to store image files on SD cards. Conceal helps Facebook protect user's private data by encrypting data stored on SD cards while allowing users to move some of the data storage needs of the app to the expandable SD card.

License

BSD License

For Conceal software

Copyright (c) 2014, Facebook, Inc. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/)
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)