Project Capillary

  • Thread starter Sushubh
  • Start date
  • Replies: Replies 0
  • Views: Views 495
  • Tags
    google
Sushubh

Sushubh

Admin
Staff member
Messages
394,557
Location
Gurgaon
ISP
Excitel
Airtel
Android Developers Blog: Project Capillary: End-to-end encryption for push messaging, simplified

Developers already use HTTPS to communicate with Firebase Cloud Messaging (FCM). The channel between FCM server endpoint and the device is encrypted with SSL over TCP. However, messages are not encrypted end-to-end (E2E) between the developer server and the user device unless developers take special measures.

To this end, we advise developers to use keys generated on the user device to encrypt push messages end-to-end. But implementing such E2E encryption has historically required significant technical knowledge and effort. That is why we are excited to announce the Capillary open source library which greatly simplifies the implementation of E2E-encryption for push messages between developer servers and users' Android devices.

We also added functionality for sending messages that can only be decrypted on devices that have recently been unlocked. This is designed to support decrypting messages on devices using File-Based Encryption (FBE): encrypted messages are cached in Device Encrypted (DE) storage and message decryption keys are stored in Android Keystore, requiring user authentication. This allows developers to specify messages with sensitive content, that remain encrypted in cached form until the user has unlocked and decrypted their device.

google/capillary: Capillary is a library to simplify the sending of end-to-end encrypted push messages from Java-based application servers to Android clients.

Capillary is a library to help developers add end-to-end encryption for push notifications
 

Similar threads

Sushubh
Replies
4
Views
557
Sushubh
Sushubh
Replies
1
Views
595
Sushubh
Replies
1
Views
619
S
Replies
14
Views
18,300
torrentbhai