Use an External Seed for Data at Rest Encryption in Mobile Apps

An external seed for Data at Rest encryption is a number used to initialize a pseudo or random number generator for creating the encryption keys utilized in Data at Rest encryption for mobile apps. 

This Knowledge Base article summarizes the steps needed to provide your own seed to generate encryption keys used by a mobile app for Appdome data at rest encryption.

We hope you find it useful and enjoy using Appdome!

About External Seed for Data at Rest Encryption

Appdome is a mobile integration platform as a service (iPaaS) that allows users to add a wide variety of features, SDKs, and APIs to Android and iOS apps. Using a simple ‘click to add’ user interface, Appdome allows anyone to easily implement an external seed for data at rest encryption to any mobile app – instantly, no code or coding required.

Using Appdome, there are no development or coding prerequisites. For example, there is no Appdome SDK, libraries, or plug-ins to implement. Likewise, there is no requirement to implement data at rest encryption manually or to have access to all the location the application is writing the files to the sandbox for developing external seed for data at rest capabilities for Android or iOS apps. Using Appdome, mobile apps will have data at rest capabilities as if they were natively coded into the app. Except using Appdome, the integration takes less than a minute, and there’s no coding at all.

With In-App Generated Seed for Data at Rest Encryption, developers or other mobility, security or IT professionals can seed Appdome’s data at rest capabilities with an external secret, derived from a backend server or from user input. This results in the derivation of a unique encryption key. The Data at Rest encryption key will be seeded via Appdome Dev-Events.  With DEV-Events you can use Appdome to handle in apps events and seed you key internally. 

Prerequisites for External Seed For Data at Rest Encryption

There are some app developer steps you can take with apps to set an external seed to receive the key that is being sent for data at rest encryption.

External Seed on Native Apps

Using the following code to decide what will be the external seed for the key with Data at Rest encryption for iOS and Android.

Android

Call this function from any activity

private void sendSeedDataAtRestEvent(String secretSeed) {
      Intent intent = new Intent("SeedDataAtRest");
      Bundle bundle = new Bundle();
      bundle.putString("Seed", secretSeed); 
      intent.putExtras(bundle);
      sendBroadcast(intent);
}

iOS

Add this code snippet this from anywhere in the application

[[NSNotificationCenter defaultCenter] postNotificationName:@"SeedDataAtRest" object:nil userInfo: @{@"Seed": secretSeed}];

External Seed on Xamarin Apps

iOS

Open a Xamarin.Forms project in Visual Studio.

Open the file AppDelegate.cs. Under FinishedLaunching method add the following lines :

public const String secretSeed = "mySecretSeed";
NSNotificationCenter.DefaultCenter.PostNotificationName(
   (NSString)"SeedDataAtRest",
   null,
   new NSDictionary<NSString, NSObject>(new[] { new NSString("Seed") }, new NSString[] { new NSString(secretSeed) })
  );

Add a class variable to your app:

public const String secretSeed = "mySecretSeed";

Android

Using the following code to decide what will be the external seed for the key with Data at Rest encryption for Android. In the MainActivity.cs file, add the following method SendSeedDataAtRestEvent().

private void SendSeedDataAtRestEvent(String secretSeed)
{
Intent intent = new Intent("SeedDataAtRest");
Bundle bundle = new Bundle();
bundle.PutString("Seed", secretSeed);
intent.PutExtras(bundle);
SendBroadcast(intent);
}

Then add a call to this method from the protected override void OnCreate(Bundle savedInstanceState) method:

SendSeedDataAtRestEvent("mySecretSeed");

External Seed on Cordova Apps (iOS and Android)

  • Create a Cordova project
  • Add the project your app platform: Android and/or iOS
  • Add Cordova-plugin-broadcaster – Cordova Plugin which allows messages exchange between javascript (Android LocalBroadcastManager and iOS NSNotificationCenter) and native (and vice-versa).

Using the following code to decide what will be the external seed for the key with Data at Rest encryption for iOS and Android:

window.broadcaster.fireNativeEvent( "SeedDataAtRest", {Seed: "<a dictionary with the secret seed to send>"}, null);

External Seed on Swift Apps

Using the following code to decide what will be the external seed for the key with Data at Rest encryption for iOS:

NotificationCenter.default.post(name: NSNotification.Name("SeedDataAtRest"), object: nil, userInfo: ["Seed" : "mySecretSeed"] )

External Seed on Kotlin Apps

Using the following code to decide what will be the external seed for the key with Data at Rest encryption for iOS:

val intent = Intent("SeedDataAtRest")
val bundle = Bundle()
bundle.putString("Seed", "mySecretSeed")
intent.putExtras(bundle)
sendBroadcast(intent)

External Seed on React-Native Apps (iOS and Android)

  • For iOS – open the iOS project in Xcode (resides in IOS folder under the root directory of the project)
  • For Android- open the android project in Android Studio (it resides in the Android folder under the root directory).

Using the following code to decide what will be the external seed for the key with Data at Rest encryption for iOS and Android:

import {NativeModules} from 'react-native';
export function post_seed() {
    NativeModules.ADDevEvents.postDevEvent("SeedDataAtRest", {"Seed": "mySecretSeed"});
}

How to use an External Seed for Data at Rest Encryption to Any Mobile App on Appdome

Follow these step-by-step instructions to add External Seed For Data at Rest Encryption to Any Mobile App.

Upload a Mobile App to Your Account

Please follow these steps to add a mobile app to your Appdome account.
If you don’t have an Appdome account, click here to create an account.

From the “Build” tab, select Security

  1. Expand TOTALDataTM Encryption category
  2. Click on the toggle to enable Data at Rest Encryption
  3. Expand the Encryption Management sub-category:
  4. Click on the toggle to enable In-App Generated Seed
  5. Click Build My App

The technology behind Build My App has two major elements – (1) a microservice architecture filled with 1000s of code sets needed for mobile integrations, and (2) an adaptive code generation engine that can recognize the development environment, frameworks and methods in each app and match the app to the relevant code-sets needed to add the External Seed for Data Rest Encryption to the mobile app in seconds.

Congratulations! You now have a mobile app fully integrated with External Seed for Data at Rest Encryption.

What to do After I Build My App?

After you successfully Built an app, you need to sign the app in order to deploy it. You can also brand or customize a Fused app on Appdome. Read this Knowledge Base article to learn what to do after you successfully built an app. It explains both optional steps and required steps.

How Do I Learn More?

This topic expands on Data at Rest encryption, you can read more about it at Data at rest encryption for mobile apps

To zoom out on this topic, visit  Appdome for Mobile App Security on our website.

Thank you!

Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.

Paul Levasseur

Have a question?

Ask an expert