#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Posts
    1
    Rep Power
    0

    Exclamation SSL vs Encyption


    i am pretty new to this aspect so forgive me if I don't make much sense. I am working on creating an android mobile application which needs to connect to a server from time to time. The application makes use of sensitive data which I would not like to get into the wrong hands so far I have been able to come up with a model to protect sensitive data both on device and server. However I am still vulnerable to man in the middle attacks. I have done some reading and searching on my own and found I can either encrypt the data during transport using AES public key infrastructure or I can use an SSL certificate. Obviously SSL would be the better was to go but then again am concerned about the computation overhead it will require. Further digging around led me to find RCF-SSL which is fast and convenient as Google implements this system but a simple search reveals that RCF encrypted data can easily be de-crypted by dedicated hackers. My question is what would be the preferred method of transport security and why? If its SSL which encryption strategy is secure, fast, doesn't require computation overhead and is preferably recognized by most browsers?
  2. #2
  3. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    Cross-posted at StackExchange.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".

IMN logo majestic logo threadwatch logo seochat tools logo