I am building a android application within flash builder, that will allow clients to use and access the database within the application, but blocking outside.
The case is to take an encrypted database(to stop client from accessing the information, outside the application), a password (to be hidden from the client) and upload it to a server. Of which the server will be able to use this password to decrypt the database, then I plan to use PHP to manipulate the data.
What would be the best possible way to securely pass the SQLite database and the password in the upload phase?
Use HTTPS for communicating with your server. That will automatically encrypt all traffic. Also keep in mind, that if the client (user) can access the data from the application, and the data is on the device, there is little you can do to keep them from copying and accessing the data outside of your app. As long as the password/encryption key is also on the device, all it will achieve is slow them down a bit.
Create a http API that your application will use. This API will enforce which operations are possible. So the client never sees the DB password, encrypted or not.
I don't really get what you're encrypting the db for. Are you trying to protect against the case where the server gets hacked?
Now other applications will be able to use this API, and it's impossible to stop them. You can just throw as much obfuscation at it as possible, and hope that crackers are too lazy.
Related
We have an Android application which stores its data in a local SQLite database; primarily for performance, but also to allow for working off-line (as we are often in areas with low signal).
At the moment, the data is stored in encrypted format (passed down from our web servers), but this in itself causes a performance issue, where for example, if we want to search records for a particular "surname", we need to decrypt ALL of the data, rather than using a straight SQL query, to include where surname='Smith'
We cannot (as it currently stands) store the data in a more friendly 'open-format', as it's possible to 'root' the device, take a copy of the MySQL database, open it and read the data.
Is there the means (perhaps someone can provide an example) to either password protect the local SQLite database or somehow apply encryption, so that we can (from an application perspective) have the database available in open format, but so that if any would-be hacker got hold of the device and rooted it ... they would have a hard time reading our data?
I have searched for a suitable solution and cannot find any options for the SQLite database, any 3rd party software or any examples of code that do this.
SqlCipher, this will might work in your case
Remote Storage:
Your data is sensitive and needs to be accessed by the user on the go from different devices. If your app is a good one then the above line will hold true.
Security + Remote access from any device says you maintain your dB on a remote server.
Your flow can be :
User login --> Token --> Auth Token in every call --> Process request and get/put data in/from dB
Local Storage:
Let's say that you only want to store data locally and don't want to store it on the server. For this you can use public-key cryptography
You can use a public Key in your app to encrypt the data and store it. Now, you want to access the data. Request the private key from the server and decrypt it.
Again, to get access to private key you should use some form of authorization (or anyone can access your key).
Without the private key, even if a hacker roots the phone and gets his/her hands on the dB, the data would be useless.
I have to develop an app both for iOS and Android. This app uses a small sqlite database with sensitive data, and depending on the user's input, it makes some process with this data. After this process is made, the database is no longer accessed unless the user has to enter a new input (it's not probable that this happens).
Since the database has sensitive data I have to protect it. I know is impossible to get a complete protection but I would like to make life harder for a possible attacker.
And since I don't know too much about security I'm not sure what would be the best alternative taking into account "difficulty / security".
I've thought in two alternatives:
1) Include the database in the apps and encrypt or obfuscate it.
But I guess it wouldn't be very difficult to get the database with a rooted Android.
2) Have the database stored in a server, each time the user enters the input the app downloads the database, the process is made and after that I remove the database from the app.
But the process takes 5-10 minutes and maybe this time is enough to get the database from the app, so I would have to add the same protection as in 1) plus a protection in the server.
Which would be the best option (difficult / security)? There would be any other options?
I've tried several Google searches but I'm confuse with all that information and I would like to try with the huge acknowledge of this community.
UPDATED:
Well, reading your answers I'm inclined to have a backend and not download the database to the app. It's not the preferred solution of the client, but it seem is the best by far so I'll try to convince it.
Anyway, due to the type of process the app has to do I'm not sure if it's possible with a backend.
Since it's a complete different question I would like to ask it in other thread: https://stackoverflow.com/questions/29942688/remote-sqlite-queries-from-app
NEW UPDATE:
I keep thinking in this and I don't find a good solution because the process is too complex. I've thought in something I would like to know if it's possible or if it has no sense (sorry but I don't know too much about backend development).
SERVER -> my sqlite database & PHP web services
DEVICE -> a txt file with user inputs (20MB)
Device: In the device the txt file is compressed (10MB)
Device: The app send the txt file to the server via POST web service.
Server: This txt file is stored in the server.
Server: This txt file is decompressed.
Server: This txt file is loaded into a new table InputTable inside my sqlite database.
Server: A new table UserFinalDataTable (almost 10000 rows) is created making lots of queries using InputTable and the rest of my database.
Server: UserFinalDataTable is converted into JSON and sended back to the device as the response to the web service called in step 2.
Device: The app receive this JSON and converts it to something useful for the app.
Is this possible or any (if not all) of the steps is impossible to achieve?
The most secure and reliable way is to store the database on your server encrypted with a symmetric encryption algorithm. Better yet if you also use an asymmetric encryption algorithm on top of that, if possible with some sort of forward secrecy, in case your server gets hacked. It all depends on what degree of security you want to achieve.
Another way would be to store the database on the device with the server's encryption key, when needed send the database to your server for decryption and return the decrypted output. Although this doesn't make sense in most situations, especially yours.
Neither. The most secure way is to keep the database on the server and access it only by webservice, with proper account authentication. If you send any data at all to a client, a sufficiently motivated attacker will get it. In the case of a whole database file, it would be trivial to root the device and read it. And if you encrpyt it, SQLite won't be able to read it (not to mention the decryption key would be local so easily reverse engineered).
The most secure strategy you say....backend server with a db and web service.
Use SQLCipher to encrypt your db.
It works either on iOS and Android
I don't understand what the hacker can see and cannot see when he enters in a mobile app, for example android. He decompiles the .apk, then sees some .class files. If for example, I encrypt a key/value pair in a file, I still need to call this key from the code, and if the hacker can see the code, no matter if the key is encrypted, he will know which key I am calling?
My goal is to keep some encrypted string in my app, for example the twitter account Id of my app.
Some topics talk about " a private key to read, what was encrypted with a public key ", but if I use them, I still need to store them somewhere in my app...
Don't completely understand your requirement but the rule-of-thumb is always assume that client is not to be trusted.
You have to ensure that
All decryption should be done in your server (which you trust).
The client should never be able to access the decrypted data (unless you want it to). Hence whatever part of your code that needs to directly access the decrypted data should be in the server.
The client should have only the encrypted data (if it must store data).
The client should not be able to access the private key you used to encrypt the data.
If in your case your client must be able to access the critical data directly, then your only resort is to use obfuscation techniques (Basically hiding your data/code, to make it hard to find/understand). Of course all obfuscation techniques can be defeated eventually by a determined hacker. You have to decide how valuable your data is, what are the probabilities a hacker will try and access your data.
To take an extreme example : storing your twitter account and password using obfusucation is very bad. Storing a twitter-url- might not be so bad.
you can get your keys from server while launching app. and also dont manage in app purchase detail in sharedPrefrence or Sqlite. because in rooted device user can see that data file from root browser or sqlite editor application so user be able to change value.
A very determined person can crack it, but it's a major pain to crack encrypted strings and will stop most hackers. Especially if you obfuscate your code with something like ProGuard.
Answer to a similar question for details on how to encrypt
I currently work on a web message application , and I am storing the chat log on the database and some user data on share preferences.
The problem is, I wonder are there any way to make the data not accessible/ not readable when I open them in file explorer? Or how can I implment higher protection measures on the data ? I have searched for some approach but it somehow does not fit for the web messaging application.
For example:
Store data on server. If the data is chat log then there is a huge set of data and the network traffic to the server is very high
Encryption. If I use the SHA or else to encryt the data , it is not possible to read them
Thanks for helping
Database can be accessed if the phone is rooted, so you should encrypt the data that is stored in the database and decode it when reading from the database.
You probably could use one way RSA encryption, storing a key to decrypt the content (when required) on the server and the one way encryption key can be on the device. Reading the key alone should not create a lot of load on the server.
The key will be in the device memory at the time of decryption but intercepting in there may already be complex.
I am creating an app that requires the user to register with a remote server, but I want to hash their password before sending it off to be stored in my database.
I tried using the jBCrypt library, but it created a long hang time while hashing. Are there any other alternatives? What would be the best (and safest) way to hash the passwords without creating a noticeable hang?
Your approach seems to be wrong. Unless you have some special requirements, the usual way to do this is the following (not Android-specific, for any web application):
When the users register, take their password, hash it (using a random salt is also recommended), and save it in the DB. That is done so you don't save the actual password in your DB.
When the user needs to login, you send the actual password to your webapp (use SSL to avoid sending it in the clear), not the hash. On the server, you apply the same hashing algorithm as in step 1, and compare the result to what is in your DB. If they are the same, the user has provided the correct password.
In short, you should do your hashing on the server, not on the Android device.
Avoid saving 3rd party passwords at all cost. Saving them is considered a form of phishing. Try to save an authentication token instead of a raw password that you can get using a method like OAuth.
If you do need to send a password to a database on a webserver, just use HTTPS. This will ensure safe encryption over the wire. Then you can encrypt the password as necessary in the database. This method also ensures that your encryption mechanism is not on the device itself which can be more easily compromised.