Login/Register
Using Android NDK for encryption of data passed from normal android app
Asked Answered
Solved androidencryptionandroid-ndkblowfish
H

5

9

Is it possible and worth trying to develop some server application using android NDK which will encrypt data (or just use some built in Linux encryption library) passed to it from normal Java based application?

I tried using Cipher library, but it took almost a minute to encrypt 2MB file with AES. And blowfish is not available in Cipher until Android 2.3(?). And I doubt it will be much faster.

I was using blowfish for encryption on Symbian and it was much faster (under 5-10 seconds) so I think in android it is slower because of using Java virtual machine and I'd like to try native app for it.

Have someone done it before?

EDIT: Encrypting in NDK is so much faster. Do it there. There is a similar question with the same answer for AES: AES decryption on Android too slow to be usable. Will NDK be faster? Other ideas?

Howenstein answered 16/2, 2011 at 8:13 Comment(3)
I've implemented quite some cryptographic algorithms in Java and it sure is (a lot) slower than C/C++ in this regard. I did not get Skein running much faster than 100 MB/s running on the Oracle JVM. If you implement AES, try and get a good unrolled loop (e.g. 8 rounds in one iteration) and make sure your application does not perform any unnecessary memory copies.Scalene
I am trying to implement AES in the NDK as well. Could you share what you did? Did you use some other provider for AES in your NDK project, or did you roll your own implementation?Odle
I'm using blowfish, and implementation was taken from there.Howenstein
W
1

What version of Android are you testing against? Bear in mind that starting with Froyo, there's a tracing JIT which should work quite well for the math-intensive loops in a crypto library.

For older versions, you'd probably want to do it with the NDK, yes. I don't know why you need a server, though - simply compile any good/fast crypto library and make a wrapper around it using the NDK. Then, you can simply use the wrapper from your java-based app.

Wilton answered 26/5, 2011 at 14:10 Comment(1)
There was no big difference between encrypting on froyo and older releases. But after i've implemented it in NDK 1MB file is encrypted in about 1 sec (comparing to 30 - 60 secs using gnuCrypto java lib). So I will consider you answer as correct - do it in NDK.Howenstein
A
2

BouncyCastle in Android 2.2 is horribly slow with AES/CBC/PKCS5 while using stream decryption. CPU is going to 100% and throughput is 5kb/sec.

Using Chilkat is magnitudes faster and keeps CPU usage low (even in the Emulator). But Chilkat is not offering an InputStream to handle stream decryption and is buffering all the encrypted bytes internally (until a heap space error occurs). So you must manage stream decryption yourself (e.g. by initializing chilkat for every block...)

Airmail answered 22/7, 2011 at 10:44 Comment(0)
W
1

What version of Android are you testing against? Bear in mind that starting with Froyo, there's a tracing JIT which should work quite well for the math-intensive loops in a crypto library.

For older versions, you'd probably want to do it with the NDK, yes. I don't know why you need a server, though - simply compile any good/fast crypto library and make a wrapper around it using the NDK. Then, you can simply use the wrapper from your java-based app.

Wilton answered 26/5, 2011 at 14:10 Comment(1)
There was no big difference between encrypting on froyo and older releases. But after i've implemented it in NDK 1MB file is encrypted in about 1 sec (comparing to 30 - 60 secs using gnuCrypto java lib). So I will consider you answer as correct - do it in NDK.Howenstein
Y
1

To answer your question, yes you could probably write something that would run with the NDK, but I don't see why you would need to.

If you just want to encrypt data that's going into the sql storage you can check out SQLCipher ( https://guardianproject.info/code/sqlcipher/ )

You might also try using some bouncy castle libraries ( http://www.bouncycastle.org/java.html ). They may be faster than the built in android one or they may have a blowfish library which you can use.

Yirinec answered 27/5, 2011 at 20:29 Comment(1)
If you do use bouncy castle libraries, I believe you'll have to modify them a bit, because they are already in the android stack, but not public to application developer.Alage
S
0

This is not open source but performance point of view Chillkat the best I found.

Schizophrenia answered 2/6, 2011 at 8:24 Comment(0)
K
0

Of course it is possible to use external library to do crypto. You can use openssl for example https://github.com/guardianproject/openssl-android. The only question is how large will be the impact of JNI layer that exist between Java and C code. If you need to pass lot of date to C and back then benefit from having native library could be negated by JNI layer. It would be much better to move more functionality from Java to C in a way that data that should be encrypted could be processed in C only. For example network stack and encryption could be in C while user interface in Java. This is just proposal you should know better if this is possible or not.

Kaleykaleyard answered 2/6, 2011 at 12:7 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.