1

I am developing a keyboard app for Android, and I want to prevent a hacker from accessing any resources or source code from the APK file. I have used Proguard to obfuscate the code.

I have a dictionary (text file) which is used for auto-prediction. It needs to be encrypted.

ha,have,4303955
t,to,385691
i,it,387247
.....

Questions:

1) What approach can be used to encrypt the text file ?

2) How else can I improve the security of the app?

  • Possible duplicate of [Android JNI string encryption/decryption](https://stackoverflow.com/questions/13351787/android-jni-string-encryption-decryption) – Martin Zeitler Dec 17 '18 at 06:20
  • It all depends on importance vs price. Dexguard offers advance encryption and obsfuscation, but it is very pricey. – lionscribe Dec 17 '18 at 07:31
  • The main question is who you are trying to protect the data from. Professional hackers will always be able to extract the data (all they have to do is a memory dump, and they will see the decrypted string, unless you avoid decrypting it all in one shot). For the amateur hacker, and basic custom encryption will do. – lionscribe Dec 17 '18 at 07:38
  • @lionscribe I will have a look at Dexguard. Thank you – Syed Taha Mohsin Dec 17 '18 at 07:58
  • encryption with AES you mean ? – Syed Taha Mohsin Dec 17 '18 at 09:20
  • Might not even need that, just use some custom bit twiddling and reversing. A benefit of that is that you can make a custom stream reader that will decrypt on fly, with no need to decrypt whole file. Again, AES is much stronger, but as you have to hide the key somewhere, it can easily be hacked. So just make it not simple. – lionscribe Dec 18 '18 at 03:30

0 Answers0