Contributor I

Encryption of data at rest on a mobile device Application

Good morning folks,

 

I hope that the techy guys are around to help me a bit with this, as I am struggling to see the picture myself. I am trying to understand how a mobile application that is installed on, say, a smartphone encrypts data at rest. It is said that the app "X" encrypts the data on the device using a symmetric key. I know the PKI concepts and know what symmetric and asymmetric encryption are; however, I wondered: when we talk about encryption for data at rest, is it relevant to say symmetric key? I think not... these terms are commonly used for encryption in transit, right?

Second and more important: if, say, the app "X" indeed encrypts the data at rest on the phone itself, how should the encryption key be stored? I assume that the password used to log in to the application is not the key for the encryption at rest; rather, a service linked to the authentication mechanism looks for the encryption key on the storage of the phone once the user has logged in and pulls it out to decrypt the data. But how is this key stored and protected? Sorry if the above does not make sense. I am not an app developer and am wondering how this mechanism works.

1 Reply
Newcomer II

Re: Encryption of data at rest on a mobile device Application

Quick reply.

 

The first thing I had to think about is BitLocker. Only with BitLocker the encryption key is stored in the TPM chip. You get an ID; with this ID you can unlock the disk and boot.

 

There is no TPM chip in a mobile device, so it's a good question.

I will continue to follow this topic.


Jeroen van de Weerd

Loose lips sink ships....