stackoom
  简体   繁体   中英

Android Encryption/Decryption

 原文  2018-10-24 20:07:58       java/ php/ android/ encryption

Question

There are many encryption algorithms and most of them require IV and KEY and Plaintext .

In Android, we have to add 3 of them to our code. On the other side, Android is open source and everyone can extract APK files and access the IV and the KEY , this doesn't make it secure.

Which algorithms are better and unbreakble that can be applied in Java and PHP. I'm working on a Project similar to Instagram/Facebook/Twitter, Security is the first problem for such applications.

1 answers

solution1
 0 ACCPTED  2018-10-25 09:20:14

Let's start with basic stuff:

  • never store an IV/KEY in the source code or unencrypted within the app filesystem
  • your might want to look into the Android KeyStore and it's supported operations
  • you might need to depend upon the existence of a hardware keystore (so that users cannot modify locally stored keys)

For more information I would recommend to look into the OWASP MSTG -- Android Data Store and Android Cryptographic APIs might be interesting to you

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Android String Encryption/Decryption Encryption/decryption between Java and Android Android RSA encryption and Python decryption PHP + Android XML Encryption/Decryption Equivalent Encryption and Decryption on iOS and Android Blowfish on android studio for encryption/decryption Android File Decryption and Encryption taking time How to implement DUKPT encryption & decryption in Java/Android? AES 256 Encryption and Decryption of audio files in android Android & PHP Encryption / Decryption - Padding problems
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM