Reputation: 57
Protect key used to decrypt encrypted database with sqlcipher in Android app
I am developing an android application that contains a database previously encrypted SQLCipher in the "assets" directory. This SQLite database is copied from the directory "assets" to the application data directory.
The application makes use of SQLCipher to decrypt and access the data from the database, but the problem is that the key to the database is stored in a String, which, if someone decompile the APK file can be obtained the key.
Is there any way to protect the key to not be able to get that key to decompile the APK?
PS If you do not understand me, do not write well in English, because I am Spanish.
Upvotes: 0
Views: 2220
Answers (1)
Reputation: 1388
We provide some guidance on key material and selection here for SQLCipher, please note that hardcoding a key in application code is not suitable for any secure implementation.
Upvotes: 1
Related Questions
- How to open a database encrypted with SQLCipher?
- How to avoid reverse engineering of an APK file
- How to change spinner text size and text color?
- Opening Sqlite DB encrypted using SQLite Encryption Extension with DB Browser with SqlCipher
- How to decrypt SQLCipher encrypted file in android?
- Select rows from Sqlcipher encrypted database in PHP
- Android SQLCipher RC4 encrypted database file "file is encrypted or is not a database"
- "File is encrypted or is not a database" error is coming when trying to decrypt an encrypted database in android