I am using room library to store my data, and my restriction is i cannot have api level below 22.
Now I am having an attribute which i have to encrypt as this is having some sensitive data.
I have successfully implemented encryption on simple strings but in room we are storing a list directly into database.
Till now i have tried AES and RSA both on a simple string.
Is there any approach available by which without creating extra objects i can encrypt my whole attribute in db.
PS: SQLCipher is a heavy call hence i am not using that too.
You can Use SQLCipher. Its supports Room Database. Check Below Link.
SQLCipher for Android has a SupportFactory class in the net.sqlcipher.database package that can be used to configure Room to use SQLCipher for Android.
Using SQLCipher for Android With Room
CWAC-SafeRoom is good library and now support AndroidX.
CWAC-SafeRoom
Related
currently, in our Project, we are using sqlLite+cipher old school method for storing in database and encryption. we planning to rewrite need advice on what to use for database+encryption
our app is of 12MB out of which 7Mb is only for cipher Files.
what should I go for greenDao or realm or room+safeRoom or continue with existing code? your input would be really valuable
I was planning for greenDao or realm since they provide encryption out of the box. not very convinced with safeRoom.
Thanks in advance
I have an Android app with a somewhat complex database (18 tables). The app currently uses OrmLite to map and manage database objects. I'd like to migrate the app incrementally to use Room. I've read about steps to migrate an existing SQLite app to Room, which involves replacing SQLiteOpenHelper with Room's SupportSQLiteOpenHelper. However, I don't think I could easily replace that within the OrmLite framework. Does anyone know if it's possible for OrmLite and Room to coexist in the same runtime, accessing the same SQLite database file? What steps would I need to take to ensure the database is not corrupted between the two frameworks, other than the obvious transfer of entity classes from OrmLite to Room?
Thank you.
Is it possible to encrypt the whole database? I'm currently using AES 256 ECB encryption for field level encryption. I need to know if there is any good option for encrypting the whole database.
Maybe this is what you are looking for:
SQLCipher is an SQLite extension that provides transparent 256-bit AES
encryption of database files.
Source: Android database encryption
You can also encrypt database with different available standard library.
we used below library it works very good..
One of them is : https://github.com/sqlcipher/sqlcipher
For Specific to Android : https://github.com/sqlcipher/android-database-sqlcipher
I have a sqlite database in asset folder of my android project. I made it with sqlite database browser and use it in my project. It contains some table with 4 columns. This is working great in my apk file. But problem is if someone want he can easily break my apk file and get my real database also. Now my question is how can I protect my database? Is there any way to set password or encrypt my database.
I searched this type of problem in stackoverflow.com and found some way. But I think those ways are for, when I creating database with code. If I create database or put data with my program I would make my own encryption method also (like shuffling characters). But, again I am saying, my database is pre made and I want to protect this?
In this situation can you help me please? Sorry for bad English.
You can protect your database with help of following libraries. And make sure you use Pro-Guard to protect your code which has encryption keys.
SQL Cipher for Android but its paid library.
SQLite Encript
Android Database SQLCipher
Edit
You should check this blog and OI Safe also .. :)
You can integrate Proguard in your android app. Here is official documentation for this Proguard It will save your apk file from attack.
You can also encrypt your data in SQLite. You can apply AES Encryption to data beforing storing it to database and decrypt data in your code files before accessing it. Yo can also use SQL Cipher to protect your database
Check this Link it will help you
I'm creating a 2d game for Android and i'm using sqlite database for storing game data.Rooted users can change database easily.So i have to encrypt the data and when someone change it i have to understand this.How can i do this?
Take a look to the SQLCipher project. It is an open source library that provides transparent, secure 256-bit AES encryption of SQLite database files.
The web site offers a tutorial for Android.
SQLCipher + user's password could be the right implementation. We need user's password to encrypt the db rather than using the hard-coded strings.