Are there any understandable examples of using KeyStore in Android?
I can't really understand how I have to protect my password/token/anything_else in an Android application on a ROOTED device from being used by hackers who have physical access to the device.
I understand I can generate a KeyPair with some ALIAS and use its private key as a database password, for example, but I'm interested in this: can any hacker read this ALIAS from my decompiled APK (because I can't obfuscate the alias string) and build another app which uses the same ALIAS to get the privateKey from the Android KeyStore?
Any solutions?
A public/private key RSA pair is generated, which is stored in the Android device's keystore and protected usually by the device PIN. An AES-based symmetric key is also generated, which is used to encrypt and decrypt the secrets.
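The scheme described above, sketched in Java against the AndroidKeyStore provider as an added example (not code from the original answer). It assumes API 23 or later and that `createKeyPair()` has run once; the class name, method names and alias are hypothetical.

```java
import android.security.keystore.*;
import java.security.*;
import java.security.spec.*;
import javax.crypto.*;
import javax.crypto.spec.*;

public final class WrappedSecret {
    private static final String ALIAS = "example_wrap_key"; // hypothetical alias
    private static final String RSA_OAEP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    // AndroidKeyStore's default MGF1 digest is SHA-1; both sides state it explicitly.
    private static final OAEPParameterSpec OAEP = new OAEPParameterSpec(
            "SHA-256", "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT);
    /** Generates the RSA pair inside the keystore; the private key is not exportable. */
    static void createKeyPair() throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        kpg.initialize(new KeyGenParameterSpec.Builder(ALIAS, KeyProperties.PURPOSE_DECRYPT)
                .setDigests(KeyProperties.DIGEST_SHA256)
                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_OAEP).build());
        kpg.generateKeyPair();
    }
    /** Returns {wrapped AES key, IV, ciphertext}; only the keystore can unwrap box[0]. */
    static byte[][] encrypt(byte[] secret) throws Exception {
        KeyStore ks = KeyStore.getInstance("AndroidKeyStore");
        ks.load(null);
        // Re-encode the public key so encryption runs outside the keystore provider.
        PublicKey pub = KeyFactory.getInstance("RSA").generatePublic(
                new X509EncodedKeySpec(ks.getCertificate(ALIAS).getPublicKey().getEncoded()));
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey aes = kg.generateKey(); // software AES key, used for this secret only
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher gcm = Cipher.getInstance("AES/GCM/NoPadding");
        gcm.init(Cipher.ENCRYPT_MODE, aes, new GCMParameterSpec(128, iv));
        Cipher rsa = Cipher.getInstance(RSA_OAEP);
        rsa.init(Cipher.ENCRYPT_MODE, pub, OAEP);
        return new byte[][] { rsa.doFinal(aes.getEncoded()), iv, gcm.doFinal(secret) };
    }
    /** Unwraps the AES key with the keystore-held private key, then decrypts. */
    static byte[] decrypt(byte[][] box) throws Exception {
        KeyStore ks = KeyStore.getInstance("AndroidKeyStore");
        ks.load(null);
        Cipher rsa = Cipher.getInstance(RSA_OAEP);
        rsa.init(Cipher.DECRYPT_MODE, (PrivateKey) ks.getKey(ALIAS, null), OAEP);
        SecretKey aes = new SecretKeySpec(rsa.doFinal(box[0]), "AES");
        Cipher gcm = Cipher.getInstance("AES/GCM/NoPadding");
        gcm.init(Cipher.DECRYPT_MODE, aes, new GCMParameterSpec(128, box[1]));
        return gcm.doFinal(box[2]);
    }
}
```

The alias is only a lookup name: AndroidKeyStore scopes entries to the app's UID, so another app asking for the same alias does not receive this key. Code that runs as the app itself, which root access allows, can still ask the keystore to decrypt.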
I got the point that to secure your application, use all string values and network call URLs in the string.xml file. Your class files are converted into Java files, and resources are encrypted in another file.
Use external storage
Because external storage can be removed by the user and also modified by any application, don't store sensitive information using external storage. To read and write files on external storage in a more secure way, consider using the Security library, which provides the EncryptedFile class.
I can't really understand how I have to protect my password/token/anything_else in an Android application on a ROOTED device from being used by hackers who have physical access to the device.
You can't. Client Authenticity is Not the Server's Problem.
Let's say you store an encrypted value in your app rather than storing the value directly. Where's the key to decrypt this value? The app will necessarily need to decrypt this value. Now all a hacker needs to do is download your .apk, plug it into Lobotomy, and they will quickly figure out what's going on.
You're better off simply never placing sensitive information on the device itself, if you want to hide it from the people who run your software.