I want to store some sensitive data in Android app.
I know I am able to store it in SharedPreference or put the data in sqlite. But if the user roots the app, then he will be able to get the data.
I also know that I could encrypt the data and store it in the same places.
But, I do want to know if Android by default has some mechanism like that of iOS using keychain and store it in keychain.
I am not sure if somebody asked the same question. If yes, please redirect me.
There is a library made by Duncan which you can find on GitHub (JNCryptor) and should be useful for you. This is compatible with the RNCryptor project for iOS.
This may work for you on Android, or at least you can see how the code works and adapt it as necessary.
Take a look to this question (Where I found the library) which is not the same as you're asking, but could help.
I think that a good idea is to use the Android Keystore to "securely" store your key and then use it to encrypt/decrypt your data.
It's always better to find a solution inside the Android framework without using a library for everything.
See this link for more info.
If you want to use a more sophisticated and "secure" way to encrypt/decrypt data, you could think about storing your keys on a remote server, but this depends on what your application does.
UPDATE
NOTE: you can securely store your data only using secure elements such as a SIM card (see this). You can even use TEE technology, which is more secure than the filesystem but less secure than a SIM, to store secure objects on your device. This technology is not available on all devices.
Related
I am using confidential data (like URLs, secret codes, etc.) in my Android application.
I want to protect my confidential data from access by the outside world (something like decompiling my class files, etc.).
Please let me know what I need to do so that it cannot be hacked by hackers.
Thanks.
By using encryption and decryption you can protect your data. This is a sample example.
Content generated by an app that is deployed on a user's device cannot be 100% secure, but you can make attacker's life difficult. The idea is to make it difficult enough for cracking not to be worthwhile.
This article (and linked related articles) is about using cryptography. This is a good way to get started in securing generated or exchanged contents.
This article (and linked related articles, too) is about obfuscating your application code. The purpose of obfuscation is to make the reverse-engineering of your app more difficult once decompiled.
And this SO post can also be helpful to get started but the proposed implementation has an issue and needs revisiting (It works but has a hole. I've put an EDIT note in the post itself to explain that further).
That is not possible. If it is inside the app, it is vulnerable to attackers.
I am asking the same question as here:
Secure contents in Documents directory
For Android.
Are there equivalent concepts in android to what is presented here:
Protecting the app sandbox
My particular requirement is to protect files from rooted devices and also make them available only through application and for a certain lifetime.
Thanks
My particular requirement is to protect files from rooted devices
By definition, that is impossible.
First, anyone who has a rooted device has access to every file, anywhere in the device itself.
Second, encryption only helps the user protect their data from third parties. You, on the other hand, are trying to attack the user by preventing them from accessing their data. The only way you can try to do that via encryption is for you to be the only one with the decryption key, and since that decryption key has to be on the device for the device to be able to decrypt the file, any user who wishes to can rummage through your app, find the key, and decrypt the files themselves. The notion of encrypting files this way is called DRM, and there are two types of DRM: the ones that have been cracked and the ones that nobody has bothered trying to crack yet.
If you do not want the user to access this data, do not put it on their device.
Looking through Mighter's answers and given your concern over rooted phones, it looks like it's been discussed here.
http://source.android.com/tech/encryption/android_crypto_implementation.html
(a sub-link I found somewhere in here http://source.android.com/tech/security/index.html)
Originally I was thinking you could use the ContentProvider and store your data in a database; I believe that can be protected, or you could at least encrypt the data within it. I wasn't sure that would answer your issue however. The Android crypto implementation link I hope will cover your requirements, though it might be impractical due to version requirements.
Two notes:
Generally speaking, your application can only be as secure as the operating system. In case the device is rooted, the operating system isn't secure anymore, so your application can't be secure either. For example, there could be tweaks of the operating system which will:
log keyboard input
subvert any calls (including calls to crypto API)
log any information which comes through HTTP(S).
Second note is that at some point you will need to provide your data (files) in clear (not encrypted) to 3rd party applications. As soon as you did this, they can copy it, send it to some server and you can't do anything about it. So, even if you provide access to these files for a limited time, they still can "leak".
That said, your simplest approach (as Emile pointed out) would be to use a ContentProvider, encrypt data within it and decrypt data when it's delivered to 3rd party apps.
An approach with higher complexity would be to use DRM (http://developer.android.com/reference/android/drm/package-summary.html) in case 3rd party apps support it.
Android utilizes Unix permissions to protect the app sandbox. Each app runs under a unique user and only that user has permissions to operate on the /data/data/your.package.name folder. However, if the target device is rooted, your app data can be compromised.
Some links:
http://source.android.com/tech/security/index.html
http://www.amazon.co.uk/dp/1430240628
http://developer.android.com/guide/topics/security/permissions.html
There is nothing safe about putting any kind of data onto an Android device. They are meant to be open devices. If you are looking to protect your data against rooted users, then you would have to use a form of encryption. And depending on the sensitivity of the item, that may not even work (unless you use a real high-end encryption, which will then drain performance). Don't trust Android with sensitive information is the only thing I can say.
Does anyone know if an app can be hacked to manipulate anything else beside the actual app or the host phone itself? A web service server perhaps? Is that even possible? So the real question is, if an app is hacked, can the information it might possess or has access to be used for negative purposes?
(I'm looking to secure an app, not hack anyone.) :)
Web services are always vulnerable to being hacked. This is why you use a secure connection such as SSL to transfer any sensitive information.
As far as directly hacking Android applications, I imagine a hacker would have to do something along the lines of decompiling an application to assembly, much as they do for traditional applications.
Any kind of storage on the device in non-compiled format (some XML, text files, preferences) is more vulnerable to being hacked than natively compiled .apk files.
I think everything is hackable...
It is quite easy to get access to all your application's data on a rooted device. Things like your database or your private files are accessible on a rooted device.
I've never made a game for a mobile so I'm not really sure what the proper convention for level info is. Basically I'm thinking that I include an xml file that I add to local diskspace for the app then load the level details (item positions, etc) from that xml file, this way when I have to update the game, add more levels, I only have the users download a small xml file. Is this method secure or are there other ways of doing this?
The security features on the BlackBerry can be pretty complicated, check out the second half of this article for a good summary of the various security features available:
http://programming4.us/mobile/2694.aspx
Here are some official BlackBerry docs on the topic too:
http://docs.blackberry.com/en/smartphone_users/deliverables/1487/Security_26381_11.jsp
FYI, most of this information concentrates on protecting data from unauthorized users, or from other malicious apps. Personally I wouldn't be too concerned about a sophisticated hacker changing my XML, unless I was giving away prizes for achievements!
Regarding file access:
Every Android app runs in its own sandboxed environment with its own system username. Data downloaded or residing in its directory cannot be read by other apps.
Google Developers on Security is worth reading.
In code, you can easily use this.getFilesDir() from within an Activity subclass.
If a device is rooted or someone uses the adb shell from the SDK to access the app data directory, of course he will be able to manipulate it, I assume.
First, a bit of my background. I have been working on large web systems for over a decade, Android is something I have been looking at for the past two months; as you can imagine, the gap is quite wide :)
Looking at the Security and Permissions and Data Storage parts of Android's documentation, talking directly to developers, reading books and tutorials, it is pretty clear how the entire model works. However, I was unable to find an answer whether SQLite and SharedPreferences files are secure enough to store delicate non-encrypted information (for example, OAuth tokens). Is it possible for someone to grab them in any way? Quoting Android's documentation:
Any data stored by an application will be assigned that application's user ID, and not normally accessible to other packages.
It's the not normally accessible part giving me additional grey hair :)
Thank you, helpful answers are appreciated :)
Is it possible for someone to grab them in any way?
That depends on the someone. As Mr. Burov indicates, users of rooted phones can get at whatever they want. Ordinary users and other applications can't, by default.
It's the not normally accessible part giving me additional grey hair :)
By default, files are secure. You can make them world-readable or world-writable if you choose.
Wouldn't it be possible to decompile apk file and find encryption key as well in that case?
That depends on who you are defending against. If you are defending against other apps, have the user supply the encryption key. If you are defending against the user, you're screwed, just as all implementations of DRM are screwed.
Well, there are a bunch of SharedPreferences editor apps on the market, so they're definitely not secure. Also on rooted devices the database can be pulled off easily, since the user has full access to the phone's filesystem. Hence, if you want your app to be totally secured, encrypt your data.