Cristian Lehuede Lyon

Reputation: 1947

encrypt file or string secure android

I'm currently stuck with the security in my app. My application records the GPS location of the user every 10 minutes and after 12 hours it sends the data to a server. I'm currently saving the location of the user in a *.txt file in the internal memory. Now, I need to secure this file so it can only be edited by my application, so the user cannot hack it and change the GPS locations recorded.

I've read about encrypting the strings or the file itself, but here is my question. All over Stack Overflow people do not recommend hardcoding the password, even with code obfuscation. How else can I secure the data in this file? Isn't using ProGuard + code obfuscation by myself (bit shifting, mathematical operations, etc.) enough to save the password in my code? Any comments appreciated, I need this to be secure as the data must remain untouched. Thanks!!

Upvotes: 1

Views: 1121

Answers (1)

Freedom_Ben

Reputation: 11933

If the password is in memory, even unencrypted/obfuscated, it can be recovered and/or abused if the user knows what they are doing.

To fix this, you should have the app request a key from the server to use for encryption. The key itself should be encrypted/signed using SSL so that you can guarantee that your server sent the key, and that the key can't be intercepted in the process. Immediately clear the key from memory so that it does not remain on the device.

This solution still isn't foolproof. The user could reverse engineer the app and tell it to use any old key. As long as you are storing the coordinates on the device, they will be vulnerable in some way. Using the technique I just described, an attacker could still spoof the GPS source, or use a replay attack. To prevent this you would need to use a different key for each save, and keep track on the server of which order the keys were applied in.

A safer method would simply be to not store the locations on the device at all. Upload them as soon as they are available, using the encryption/signing SSL method to prevent tampering. Sanity check them on the server to rule out bad spoof jobs. When trusting data originating from the device (e.g. GPS coordinates), you are at risk of manipulation from a clever attacker.

Upvotes: 3
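As an added illustration of the per-save key scheme and the server-side sanity checks described in the answer above (this is not code from the question or the answer): the server hands out one key per save and only accepts the record tagged with the key whose turn it is, so a replayed or reordered record is rejected; it assumes HMAC-SHA256 as the "signing" step, sequential key ids, and a simulated client in place of the Android app fetching keys over TLS.

```python
import hashlib
import hmac
import secrets

def sign_record(key_id, secret, lat, lon, ts):
    """Client side: tag one fix with its one-time key; the app then discards the key."""
    msg = f"{key_id}|{lat:.6f}|{lon:.6f}|{ts}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()

class LocationServer:
    """Server side: one key per save, consumed strictly in issue order, plus sanity checks."""
    def __init__(self):
        self.keys = {}       # key_id -> secret, deleted once consumed
        self.next_id = 0     # keys are issued sequentially (assumed scheme)
        self.accepted = []   # (lat, lon, ts) fixes the server trusts

    def issue_key(self):
        key_id, self.next_id = self.next_id, self.next_id + 1
        self.keys[key_id] = secrets.token_bytes(32)
        return key_id, self.keys[key_id]

    def submit(self, key_id, lat, lon, ts, tag):
        # The only valid key is the oldest unconsumed one; a consumed key is gone,
        # so a replayed or reordered record can never verify.
        if key_id != len(self.accepted) or key_id not in self.keys:
            return "rejected: replayed or out of order"
        if not hmac.compare_digest(sign_record(key_id, self.keys[key_id], lat, lon, ts), tag):
            return "rejected: tag mismatch (record edited on the device)"
        # Sanity checks: data from the device is never trusted as-is.
        if not (-90 <= lat <= 90 and -180 <= lon <= 180):
            return "rejected: coordinates out of range"
        if self.accepted and ts <= self.accepted[-1][2]:
            return "rejected: timestamp does not advance"
        del self.keys[key_id]
        self.accepted.append((lat, lon, ts))
        return "accepted"

def demo():
    """Constructed run: two honest saves, a replay of the first, then an edited record."""
    srv, out = LocationServer(), []
    k0, s0 = srv.issue_key()
    tag0 = sign_record(k0, s0, -33.4489, -70.6693, 1000)
    out.append(srv.submit(k0, -33.4489, -70.6693, 1000, tag0))
    k1, s1 = srv.issue_key()
    out.append(srv.submit(k1, -33.4500, -70.6700, 1600, sign_record(k1, s1, -33.4500, -70.6700, 1600)))
    out.append(srv.submit(k0, -33.4489, -70.6693, 1000, tag0))  # replayed first record
    k2, s2 = srv.issue_key()
    out.append(srv.submit(k2, 10.0, 20.0, 2200, sign_record(k2, s2, -33.4510, -70.6710, 2200)))  # edited after signing
    return out
```

The server still cannot tell a spoofed GPS source from a real one, which is why the answer's advice to sanity check coordinates on the server matters regardless of the key scheme.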
