Reputation: 2101
iphone/android - How to quickly crypt/decrypt a huge number of critical data on mobile devices? Which strategy would you use?
I will develop a mobile application on Android and iPhone/iPad that will contain a huge number of data (several MB, let's say 50 MB). Thus, these data will be stored on an external storage like a SD card.
Besides, they are critical and user must not be able to read them!!!
I guess how could I crypt/decrypt these data?
Here the main points to keep in mind:
Application is running on mobile device:
- limited ressources (CPU, memory...)
These data will be read-only :
- need only to develop the decrypt feature on the device
Application must quickly react:
- response time to decrypt must be shortest as possible
Note: just a few amount of these data have to be decrypted according to the user actions:
For point number 3, I think to:
- use an index mechanism to quickly find the data to decrypt.
- use a C/C++ function to do the decryption on Android, using a Java/JNI bridge
Any other suggestions or methods from other experimented Android and iPhone/iPad developers ?
Upvotes: 0
Views: 230
Answers (1)
Reputation: 8990
First of all, there's no way to store data on an external medium like an SD card on the iPhone.
This being said, what you like to achieve is impossible. If some encrypted data is meant to be decrypted on the device (even if only partially), this means the app needs to store the decryption key. This in itself is insecure, even with code obfuscation it is still technically possible for a motivated attacker to retrieve that key by reverse engineering your app.
So, if that data must not be made freely available through a malicious attack, don't store it in the device.
And even if you don't store it locally but instead transmit the decrypted data through a secure channel as needed - there's attacks for that, too.
It all boils down to this: There's always a vulnerability that may be exploited. You can try making it as hard for an attacker as possible to break in, but you must always keep in mind that it might be possible after all.
Upvotes: 1
Related Questions
- Encrypt User data, but Decrypt it for Research Purposes
- Speed up encryption/decryption?
- Secure Storage of Personal User Data on iOS Device
- What's the best way to store sensitive data for iOS/Android apps?
- How to store data securely on a mobile device?
- Encrypt information on Android devices (protect reasonably from access by user)
- Encryption that works equally for iPhone and Android
- Common Encryption process for iPhone and Android
- How to secure big amounts of data in an iPhone app?
- What's the best encryption algorithm for the iPhone in terms of speed and security?