lundi 20 avril 2015

Secure place to store encryption/decryption key on android

Vote count: 0

In my scenario, the app user should not be able to manipulate a set of strings, because they are incomplete game scores that goes to a leader-board when they complete the game. If they modify them it is a unnecessary advantage. I tested string encryption and storing in a file using the code shown here.
http://ift.tt/1zBiJS5

It says 'Note: If you are generating a random key, you'll probably be storing it somewhere'.

Whats the best place to store this key or is there a better way to achieve my objective.

 try {
        SecretKeys key;

        key = generateKey();
       //Note: If you are generating a random key, you'll probably be storing it somewhere


        // The encryption / storage & display:

        String keyStr = keyString(key);
        key = null; //Pretend to throw that away so we can demonstrate converting it from str
        String path = getPath();
        String textToEncrypt = savePuzzle(path + "/intput.txt");
        Log.i("Tozny", "Before encryption: " + textToEncrypt);

        // Read from storage & decrypt
        key = keys(keyStr); // alternately, regenerate the key from password/salt.
        CipherTextIvMac civ = encrypt(textToEncrypt, key);
        String temp = civ.toString();
        Log.i("Tozny", "Encrypted: " + temp);


        CipherTextIvMac civ2 = new CipherTextIvMac(temp);
        String decryptedText = decryptString(civ2, key);

asked 1 min ago



Secure place to store encryption/decryption key on android

Aucun commentaire:

Enregistrer un commentaire