doulu3399 2018-10-24 20:07
浏览 64
已采纳

Android加密/解密

There are many encryption algorithms and most of them require IV and KEY and Plaintext.

In Android, we have to add 3 of them to our code. On the other side, Android is open source and everyone can extract APK files and access the IV and the KEY , this doesn't make it secure.

Which algorithms are better and unbreakble that can be applied in Java and PHP. I'm working on a Project similar to Instagram/Facebook/Twitter, Security is the first problem for such applications.

  • 写回答

1条回答 默认 最新

  • duanken7168 2018-10-25 09:20
    关注

    Let's start with basic stuff:

    • never store an IV/KEY in the source code or unencrypted within the app filesystem
    • your might want to look into the Android KeyStore and it's supported operations
    • you might need to depend upon the existence of a hardware keystore (so that users cannot modify locally stored keys)

    For more information I would recommend to look into the OWASP MSTG -- Android Data Store and Android Cryptographic APIs might be interesting to you

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 maple软件,用solve求反函数出现rootof,怎么办?
  • ¥50 汇编语言除法溢出问题
  • ¥65 C++实现删除N个数据列表共有的元素
  • ¥15 Visual Studio问题
  • ¥15 state显示变量是字符串形式,但是仍然红色,无法引用,并显示类型不匹配
  • ¥20 求一个html代码,有偿
  • ¥100 关于使用MATLAB中copularnd函数的问题
  • ¥20 在虚拟机的pycharm上
  • ¥15 jupyterthemes 设置完毕后没有效果
  • ¥15 matlab图像高斯低通滤波