0

I generate a small metadata file (2KB) from my app which needs to be unreadable if the user browse through file system. These files will not be transferred elsewhere through my app. After prolong research I figured I have to use Symmetry encryption. But I am lost what type of algorithm and how to use key/salt. Efficiency of the algorithm is important because the file is updated on onPause method.

  1. Should I declare it in code and use that for all users or should I generate new one for each user. If I go with second option, where do I store the key/salt for later use. Should I obfuscate the code? Please advice.
  2. Currently I have short listed these two. Are they secure enough for my requirement? How can I improve them?

http://www.codejava.net/coding/file-encryption-and-decryption-simple-example

String Encryption in Android

Community
  • 1
  • 1
pats
  • 1,273
  • 2
  • 20
  • 43
  • Use this one: https://github.com/tozny/java-aes-crypto – Artjom B. Apr 19 '15 at 08:51
  • 1
    Encryption doesn't use salt. Salt is used for hashing only. You only need to worry about the storage of your key. – Neil Smithline Apr 19 '15 at 18:19
  • thanks, my question is exactly that. Where do I save it for later use and should I generate keys per user basis or should I hard code key in the code so that its global. – pats Apr 19 '15 at 22:46

0 Answers0