Secure sqlite database: Android

Question

I want to secure my sqlite database. I searched a lot but ended up with the suggestions of using SQLCipher.

Is there any new advancement in this field other than SQLCipher? Please suggest.

https://stackoverflow.com/a/20907327/3974530 – InsaneCat Dec 27 '19 at 07:20 — InsaneCat, Dec 27 '19 at 07:20
@InsaneCat Shared link also suggests SQLCipher only. – user1517153 Dec 27 '19 at 10:00 — user1517153, Dec 27 '19 at 10:00

score 0 · Answer 1 · answered Dec 27 '19 at 07:09

0

If you don't want to use SQLCipher, One thing you can do is encrypt your data before storing it in the database and decrypt it at runtime when populating it.

You can use a encryption key that you can store on Firebase and retrieve it from there at your app startup, this will add another layer of security to your encryption because the key will not be exposed inside the app if someone decompiles the app.

answered Dec 27 '19 at 07:09

Yugansh Tyagi

646
10
24

Store on Firebase- Doesn't that mean I need internet access all way around? – user1517153 Dec 27 '19 at 10:01

score 0 · Answer 2 · answered Dec 27 '19 at 11:12

I'm securing my database on my own, procedure is following:

ORMLite used as ORM (platform independent ORM over SQLite)
All sensible data stored in BLOB's
BLOB's secured using standard encryption technique, e.g. com.madgag.spongycastle works well under Android

Secure sqlite database: Android

2 Answers2