Android boasts of a comprehensive crypto API suite that application developers can use to secure data, both at rest and in transit.
Android provides APIs for symmetric and asymmetric encryption of data, random number generation, hashing, message authentication codes, and different cipher modes. Algorithms supported include DH, DES, Triple DES, RC2, and RC5.
Secure communication protocols such as SSL and TLS, in conjunction with the encryption APIs, can be used to secure data in transit. Key management APIs including the management of X.509 certificates are provided as well.
A system key store has been in use since Android 1.6 for use by VPN. With Android 4.0, a new API called
KeyChain provides applications with access to credentials stored ...