Conceal: Facebook's new Java APIs for cryptography on Android

Summary:Facebook is open sourcing a new security tool intended to help developers write apps that are more secure and efficient on Android.

zdnet-facebook-conceal

The term "conceal" might not be the most ideal moniker for a new tech and data-related product these days in the wake of the revelations about the National Security Agency.

That might even go double when the product is about cryptography.

Nevertheless, Conceal fits the bill as the title of Facebook's new set of Java APIs for enabling cryptography on Android.

Even though the world's largest social network is celebrating its 10th birthday this week (today, in fact), Facebook itself is handing out plenty of gifts. They range from a fancy new news reader app dubbed Paper to a tear-inducing personalized video reel chronicling Facebook users' shared moments over the last decade.

As a treat for mobile developers, Facebook is open sourcing a new security tool intended to help them write apps that are more secure and efficient on Android.

Subodh Iyengar, a software engineer at Facebook, explained in a blog post on Monday that these tools specifically target woes surrounding caching and storage.

He stressed that Conceal was designed as a smaller alternative to existing Java cryptography libraries in order to use memory more efficiently.

Conceal doesn't implement any crypto. Instead, it uses specific cryptographic algorithms from OpenSSL. OpenSSL's crypto library is about 1MB when built for armv7. By using only the parts of OpenSSL we needed, we were able to reduce the size of OpenSSL to 85KB. We believe providing a smaller library will reduce the friction of adopting state of the art encryption algorithms, make it easier to handle different Android platform versions, and enable us to quickly incorporate fixes for any security vulnerabilities in OpenSSL as well.

Facebook itself is using Conceal to store image files on SD cards, which the Menlo Park, Calif.-headquartered company asserted will help protect private user data through the encryption of data stored on these cards while moving other data around for faster processing.

As a major backer of the Open Compute Project each year, Facebook is increasingly becoming one of the loudest (or at least well-known) champions of open source technology in Silicon Valley.

Thus, like many of its other developer tools introduced in the last few years, Facebook has published Conceal to Github for immediate access now.

Image via the Facebook Engineering blog

Topics: Web development, Android, Apps, Mobility, Social Enterprise

About

Rachel King is a staff writer for CBS Interactive based in San Francisco, covering business and enterprise technology for ZDNet, CNET and SmartPlanet. She has previously worked for The Business Insider, FastCompany.com, CNN's San Francisco bureau and the U.S. Department of State. Rachel has also written for MainStreet.com, Irish Americ... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.