Tuesday, March 13, 2018

Android P Tends To Completely Remove Cryptography.




The new released Android P. has specifically call out some backward on changes planned to make  on the cryptographic capabilities in Android P, which we  see in the developer preview earlier on.
Cryptography is associated with the process of converting ordinary plain text into unintelligible text and vice-versa.








 It is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it.

Cryptography not only protects data from theft or alteration, but can also be used for user authentication.

Cryptography is used in many applications like banking transactions cards, computer passwords, and e- commerce transactions.


The android developers are not doing this because they are concerned about the security of the implementations from the BC provider; rather they think that duplicating functionality imposes additional costs and risks with not much more benefit.

According an article on Android developers Crypto provider was deprecated beginning in Android Nougat. Since then, any request for the Crypto provider by an application targeting API 23 (Marshmallow) or before would succeed, but requests by applications targeting API 24 (Nougat) or later would fail.

 In Android P, which is the latest now, the plan is remove the Crypto provider entirely. Once removed, any call to SecureRandom.getInstance("SHA1PRNG", "Crypto") will throw NoSuchProviderException.







Please ensure your apps have been updated.

No comments:

Post a Comment