Team GP along with the good folks at Zetetic, are happy to announce that we have reached FINAL on our first release (“v1” 0.0.6 build) of SQLCipher for Android. This means we consider this a production release, ready for shipping with your apps to provide for reliable, open-source, secure application data encryption.
If you need a refresher, here is what the cross-platform, open-source SQLCipher provides:
SQLCipher is an SQLite extension that provides transparent 256-bit AES encryption of database files. Pages are encrypted before being written to disk and are decrypted when read back. Due to the small footprint and great performance it’s ideal for protecting embedded application databases and is well suited for mobile development.
- Blazing fast performance with as little as 5-15% overhead for encryption on many operations
- 100% of data in the database file is encrypted
- Uses good security practices (CBC mode, key derivation)
- Zero-configuration and application level cryptography
- Broad platform support: works with C/C++, Obj-C, QT, Win32/.NET, Java, Python, Ruby, etc on Windows, Linux, iPhone/iOS…
- Algorithms provided by the peer reviewed OpenSSL crypto library.
In addition to our work porting the core codebase, the work done on Android also provides near exact API compatibility with the default Android Database API. This means that developers can drop in SQLCipher, and add data encryption to their application, with very little changes to their existing codebase.
Finally, while full disk encryption is offered newer Android devices from Motorola, and those running Android 3.x Honeycomb or 4.x Ice Cream Sandwich, that only provides encryption of the entire internal or external storage, which must be unlocked and decrypted when the device is booted. The SQLCipher model ensures only a limited amount of data from your app is accessible at anytime, and allows the user or the app to lock itself down, whether or not the device itself is locked or encryption.
Download the Software Development Kit here for integration with your Android apps: https://github.com/downloads/guardianproject/android-database-sqlcipher/SQLCipherForAndroid-SDK-0.0.6-FINAL.zip
You can see all the closed issues addressed in this release.
If you want to build from source, you will need the Android NDK, as well as the SDK. Pull the repo, and run ‘make all’ with the included SQLCipher Makefile.
You can also get started by working with our sample ‘NoteCipher’ project available on Github.
If you happen to encounter them, please report any unexpected behaviours, bugs, typos or other abnormalities, as soon as you can. We know there are still some outstanding issues faced in some cases, but we did not consider them blockers.
SQLCipher for Android Home: https://guardianproject.info/code/sqlcipher/