
Hardcoding an encryption key in an Android app is a bad idea - nothing new about that (see also https://medium.com/swlh/an-android-hacking-primer-3390fef4e6a0).

I found another article about encryption and a key generator whose key is saved into the Android Keystore (https://medium.com/@josiassena/using-the-android-keystore-system-to-store-sensitive-information-3a56175a454b) - seems like a good idea. But: I'd like to send any information (e-mail addresses, passwords, usernames and so forth) encrypted to my backend. So I use Encryption Between PHP & Java to encrypt the data that goes over the Internet from a phone to my backend.

The method (from the StackOverflow link) to encrypt uses a hardcoded encryption key, and I avoid that by using a key generator. But my backend needs to know that key, that is created by the frontend.

How do I send this key to the backend? Encrypted with another key, that is hardcoded in my app? It's a one-time-only communication between the frontend (app) and the backend (PHP server). Or should I send the key unencrypted to the backend? Or should I execute the key generator both at the frontend and the backend - with the risk that the keys aren't equal?

Hope to get some wise words on how to make the connection secure "enough".

Kairos
    Use public key encryption to encrypt data that only your server can decrypt. You can ship the server's public key without any concern of exposure. – Alastair McCormack Dec 14 '19 at 21:09
    In general, the answer is usually "just use SSL/TLS". That seems to apply in this case as well. – President James K. Polk Dec 14 '19 at 22:27
    If you just want to secure the connection, use TLS. If you want to do more than that, you'll need to describe what that is, and the answer is very likely to still be "use TLS". Attempting to roll your own crypto would result in a bad reimplementation of TLS. – Sammitch Dec 15 '19 at 00:15
  • @JamesReinstateMonicaPolk (and Sammitch) I could send all information unencrypted to my backend, true. However, when a smartphone's signal is intercepted between the phone and the cell tower, the data can be caught - here TLS can't secure anything, since the data is intercepted before it goes into network traffic (TCP/IP). Therefore, I'd like to encrypt any data that comes out of the app. Am I too much worried? – Kairos Dec 15 '19 at 10:19
  • @AlastairMcCormack I also need to be able to decrypt the data on the frontend. – Kairos Dec 15 '19 at 10:21
    @Kairos TLS encrypts end-to-end. It doesn’t matter if the signal is intercepted at layer 2 (cell layer) or layer 7, the data is encrypted. Only the server and the client can decrypt the payload. You need to read up on what TLS does. – Alastair McCormack Dec 15 '19 at 11:08
  • @Kairos what do you mean, decrypt on the front end? If you need to do that then TLS is definitely the way forward as you’d need to setup a mutual key exchange to achieve that without exposing a key. – Alastair McCormack Dec 15 '19 at 11:11
  • @AlastairMcCormack True, but I think about intercepting the signal in order to compare with a decompiled version of the APK - passwords can be decrypted using Wireshark. But that is a very long shot. Should I send usernames and passwords unencrypted to the backend, just using TLS? – Kairos Dec 15 '19 at 11:57
    You can only intercept and decode if you have the private key from either side of the connection, which an eavesdropper doesn’t. Yes, it’s ok to send username and passwords over a TLS connection, although it’s better to use SRP which prevents replay and other MITM compromises. – Alastair McCormack Dec 15 '19 at 12:12
  • @AlastairMcCormack My app doesn't send highly confidential information from a phone to the backend. Of course, I will do everything reasonable to prevent hacking, but I think I'll go with "just TLS". Thanks for your "thinking along". – Kairos Dec 15 '19 at 13:03
  • @JamesReinstateMonicaPolk The answer to my own question might be "Yes, I am too much worried" :) Thanks. – Kairos Dec 15 '19 at 13:05
  • Same goes for @Sammitch: thanks – Kairos Dec 15 '19 at 13:05
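The first comment's suggestion, applied to the question's data flow: instead of shipping or transmitting a shared key, the app encrypts each payload under a fresh AES key and wraps that key with the server's public key, so a decompiled APK contains nothing that decrypts traffic. This is an added Java example, not code from the question or either linked article; `HybridEnvelope`, `seal`, `open` and the `Envelope` layout are assumed names, the server key pair is generated in-process only for the demo (in reality it lives on the backend), and the envelope is meant to travel inside TLS, which is the thread's own conclusion, not to replace it.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.MGF1ParameterSpec;
import javax.crypto.*;
import javax.crypto.spec.*;

public class HybridEnvelope {
    // Assumed envelope layout: AES key wrapped under the server's RSA key,
    // the GCM nonce, and the ciphertext (GCM appends its 16-byte auth tag).
    static final class Envelope {
        final byte[] wrappedKey, nonce, ciphertext;
        Envelope(byte[] w, byte[] n, byte[] c) { wrappedKey = w; nonce = n; ciphertext = c; }
    }
    // OAEP spelled out explicitly: some providers (older Android builds included)
    // otherwise pair SHA-256 OAEP with SHA-1 MGF1 and the server fails to unwrap.
    static final OAEPParameterSpec OAEP = new OAEPParameterSpec(
            "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);
    static final String RSA = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";

    // App side: only the server's PUBLIC key ships in the APK.
    static Envelope seal(PublicKey serverPub, byte[] plaintext) throws GeneralSecurityException {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey dek = kg.generateKey();          // fresh per message, never stored or hardcoded
        byte[] nonce = new byte[12];
        new SecureRandom().nextBytes(nonce);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, dek, new GCMParameterSpec(128, nonce));
        Cipher rsa = Cipher.getInstance(RSA);
        rsa.init(Cipher.WRAP_MODE, serverPub, OAEP);
        return new Envelope(rsa.wrap(dek), nonce, aes.doFinal(plaintext));
    }
    // Backend side: the private key never leaves the server.
    static byte[] open(PrivateKey serverPriv, Envelope env) throws GeneralSecurityException {
        Cipher rsa = Cipher.getInstance(RSA);
        rsa.init(Cipher.UNWRAP_MODE, serverPriv, OAEP);
        Key dek = rsa.unwrap(env.wrappedKey, "AES", Cipher.SECRET_KEY);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.DECRYPT_MODE, dek, new GCMParameterSpec(128, env.nonce));
        return aes.doFinal(env.ciphertext);        // AEADBadTagException if anything was altered
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair server = kpg.generateKeyPair();    // constructed for the demo only
        byte[] msg = "user=alice&pw=correct-horse".getBytes(StandardCharsets.UTF_8); // constructed sample
        Envelope env = seal(server.getPublic(), msg);
        System.out.println(new String(open(server.getPrivate(), env), StandardCharsets.UTF_8));
    }
}
```

The backend (PHP in the question) needs the matching unwrap with RSA-OAEP/SHA-256 and AES-256-GCM; the GCM tag is what tells the server whether the envelope was altered in transit.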
