This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
I have a mobile phone app which sends an xml file containing a 'username\password' pair to a web service. I need to encrypt the password before it is sent, then decrypt it on the web service and store it in a database.
What is the most efficient way of going about this task?
I need the encrypted password to be dynamic, therefore I could create a dynamic key. I also need to use symmetric cipher(for speed).
Is PBE suitable, secure enough? I could create the key, on the mobile app side, and send it as part of the xml file.
I'm new to encryption, so any help greatly appreciated. Thanks, Stephen