Reputation: 18754
Storing an encryption key in Blackberry application
I am encrypting the communication with the server in my blackberry app. I am using the RC4 encryption which needs a key to be provided. What's the best place to hide this key inside the application ? First of all is application a good place to store the key and second, is it safe to use a String variable to store the key ? Any suggestions/tips ?
Upvotes: 2
Views: 97
Answers (1)
Reputation: 8920
That depends on what your definition of 'safe' is. If you put the key in plain text anywhere in the application there are people with the skills to find it and use it to compromise your application communications. Whether that happens or not will depend on how attractive doing that would be.
You could place it in the device keystore, but you would still have to distribute the key somehow.
Why aren't you using SSL/TLS?
Upvotes: 2
Related Questions
- how to securely store encryption keys in android?
- BlackBerry - Avoiding Encryption
- Best way of saving password into blackberry memory
- AES algorithm in blackberry
- SQLite Encryption in BlackBerry
- AESDecryption in Blackberry
- Port Java-SE encryption code to BlackBerry
- Encryption on a Java based mobile
- Blackberry encrypt+persist data
- Blackberry Content Protection and the Persistent Store