简体繁体中英

Is it necessary to secure the secret (e.g., key) in the .so file?

原文 2019-05-30 09:36:42 1 1 android/ shared-libraries/ apk/ reverse-engineering/ obfuscation

A private key has been #define in the C code of .so file. This key is used for the customized authentication process between client-server.

In some video and blog , people show how to disassemble .so file using IDA as well as extract function information. The output should be assembly language. How difficult to extract the key value from such output?

If the answer is the key defined in .so also needs protection, do I need to apply obfuscation on the C code before converting it to .so? Whether the normal algorithm will be affected for C?

1 answers

It is possible and for skilled reverse engineer it is more or less easy. Obfuscating the secret key only slows down the hacker, but don't give you 100% protection. Consider using certificates signed by some authority.

XML Decleration necessary in Android XML Files (e.g. Layouts)?

How to implement 3D Secure (Verified by Visa / MasterCard SecureCode) on Native mobile app (e.g. IOS)

how to secure my secret key in strings.xml file in Android

How do you configure local_auth in flutter correctly if you want to secure the whole app with it (e.g. bank apps)?

How to add resources (e.g. a text file) in a Java Library for Android

Reset the layout parameters of a programmatically modified widget (e.g. textview) from the xml file

Android / Java: HttpURLConnection doesn't return headers of redirected file (e.g. on S3)

How to tell Android to open custom file type in my application on some devices, e.g. Samsung

How to store docx file in assets folder to device public directory on android device e.g. “Downloads”

How to access a downloaded internal-file icon and use as a drawable e.g. in setIcon(drawable)

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question XML Decleration necessary in Android XML Files (e.g. Layouts)? How to implement 3D Secure (Verified by Visa / MasterCard SecureCode) on Native mobile app (e.g. IOS) how to secure my secret key in strings.xml file in Android How do you configure local_auth in flutter correctly if you want to secure the whole app with it (e.g. bank apps)? How to add resources (e.g. a text file) in a Java Library for Android Reset the layout parameters of a programmatically modified widget (e.g. textview) from the xml file Android / Java: HttpURLConnection doesn't return headers of redirected file (e.g. on S3) How to tell Android to open custom file type in my application on some devices, e.g. Samsung How to store docx file in assets folder to device public directory on android device e.g. “Downloads” How to access a downloaded internal-file icon and use as a drawable e.g. in setIcon(drawable)

Related Tags

Is it necessary to secure the secret (e.g., key) in the .so file?

Question

1 answers

solution1 1 2019-05-30 11:01:15

solution1
1 2019-05-30 11:01:15