i am developing one android application. it download videos from server and store it in mobile.
i want to store those video in secure manner.(deny the user from copying. or deny them from viewing the video directly from sdcard)
i found two ways to solve the problem.
1)Store the video's inside the application.
2)Encrypt the entire video
but facing some problem in implementing solution
i)first solution found suitable. but i am fearing that. if we store too much video inside the application .it would become bulkier.and fore the user to uninstall.
ii)but in second solution. i did not find any correct way to do so.
so please help me to solve the problem.
This is kind of suggestion :
To store the videos you must have created some folder on SDCARD, so you can hide the folder by putting the "." in front of the name while creating it. on top of this you can encrypt the video file using AES algorithm so it can not be viewed, if copied outside the android it will not be view able. but from your application you can decry-pt the file and view it.
Definitively, you must encrypt the media and that's quite simple. What is more difficult is to play the media, because MediaPlayer only accepts clear contents. A basic way would be to convert an encrypted file to a decrypted one, just for the time of the playing session. A better approach is to build a stream from the file, decrypt that stream and feed it to the player. The hard point is to have a local http server to serve the stream.
Related
I am developing a digital media app using Google's flutter framework which contains songs, movies and etc. The main focus is, these media content should be accessible only through the app and not by outside methods (eg: media players, file browsers).
Eg: A music file which was downloaded through the app should only be played within the app and not by any media player. In that case, there should be an encryption method which should be used to lock these files from outside world.
In this case, bigger files such as Movies should also be taken into consideration. The size of a file can be anywhere between few kbs to 2-3 GBs.
What should be the better approach when solving this problem?
Is it to
Store everything in a database after encrypting the bytes?
Encrypt the entire file and still keep them in the form of "file"?
The downloaded data should also be able to be consumed quickly once the user requested for it. And once the consume is done, the file should be locked again from the rest of the world.
I am not sure if this topic is too broad but somehow I would appreciate it if anyone could provide me with something to start off.
Thank you.
I have this requirement, to download pdf/video file into the iOS/Android phone. then user can read offline.
Since the data now rest inside the app, how to prevent people from accessing and copy the file ?
EDIT
I know we can put password protected inside the PDF, and hardcode the password when we want to open it. but, How about video ?
second way, to encrypt/decrypt it. Can someone brief on this ? how to get this done ? possible issue, performance issue, since video contain big file size.
I have encrypted fiiles in the external Storage dir / the SD card. The files are crypted
images (jpg, bmp,...)
videos (3gp, mp4,...)
Pdfs
I want to load the bitmaps, videos or pdfs to load them in my ImageView, VideoView or open them via a pdf viewer. The problem is the files are secret. I dont want the files to be stored to open them. They could be read by others during the PDFviewer shows them for example.
Is there a way to directly open an image or pdf even though it is encrypted without copying an unencrypted copy?
If you want to keep your files as secret as possible for your app, I would use
javax.crypto.CipherInputStream
or a customized subclass of it. To do that you'll have to display your content embedded in your app, which is pretty straightforward for images and video. For PDFs you'll need to add a control which can display that kind of file to prevent others from getting access to the content.
Hope it helps.
You cite three scenarios: images into an ImageView, videos into a VideoView, and PDFs to a third-party app.
Images are easy. Make sure your decryption logic can give you an InputStream of the decrypted contents, then use appropriate methods on BitmapFactory.
I am not aware of a way to reliably serve videos to VideoView from an encrypted source. I know some people have experimented with embedding an HTTP server and streaming it.
You can publish a ContentProvider that supplies the decrypted content of a PDF to a third party app. This sample app just reads in the file, but you could use the same approach to decrypt it along the way.
All of this assumes that the user is the one responsible for requesting that this content be encrypted, and that you have collected a passphrase from the user. If, instead, your vision is that you are trying a DRM solution, anyone who wants to will be able to decrypt your content by reverse-engineering your app.
I searched through a lot of questions on SO but I can't find the answer, that's why I ask the following question:
An Android app should be able to play an encrypted video file (stored on the SD card and retrieved from a webserver).
The file has to be stored on the SD card so that the app can play the video file without having an active internet connection.
Because the video files may not be copied, the plan is to encrypt them server side when uploading the files to a webserver.
What is the best option?
1) I have seen suggestions for running a local webserver which decrypts the file (and how to do this?)
2) or should we decrypt the file, save it as a temporary file and set this temporary file as the source for the videoplayer?
3) something completely different?
You are trying to implement a DRM scheme, and a naive one at that. Look into DRM schemes and report back if you cannot implement the impossible. All you can hope for is obfuscation, and there are plenty of ways of doing that (none of them are secure of course).
What you need is DRM. Digital Rights Management (DRM) controls the access to your digital content such as video. Firstly, you need to encrypt the video with an encryption video like AES-128. Then with the use of DRM play in exoplayer. Exoplayer has DRM support. you can check here. https://exoplayer.dev/drm.html
You will expose the user to a waiting time if you choose to decrypt a entire big video beforehand. As of the security, you can guess it's a poor idea to have the contents in clear in a file, even temporary. The local webserver is a better choice because it's a streaming method, so without file storage. There is no class for an http server in the SDK, you have to implement your own one, otherwise look for an existing library similar to LocalSingleHttpServer.
I am trying to create an app that would download a file from a remote server and save it to the SD card. The file is quite confidential so I need an encryption for this. I would like it to be saved as encrypted. When I want to play the file, it should only be played on my media player which has the decrypt code. No other player can play that file. How is this possible? Thanks for any suggestions you may have.
If you don't want to be bothered with a delay by decrypting the entire file before to be able to start the playing, you should consider a streaming architecture. A typical design involves the javax.crypto.CipherInputStream class and a local http instance. For an example of that kind of design, look at something like LocalSingleHttpServer.