好的,所以我加密了我的数据,现在我在哪里隐藏密钥? [英] Ok, so I've encrypted my data now where do I hide the key?
问题描述
这似乎是一个速度最大的碰撞。还有什么其他解决方案可以使用?
你唯一可以做的是使您难以从应用程序中提取密钥。你不可能使它不可能。如果你给某人一个包含你想要保护的内容的盒子,如果你希望他们能够访问内容,你必须给他们钥匙。一旦你给他们关键,他们可以做任何他们想要的...如果他们遇到麻烦寻找钥匙。
这是Bob和Eve是同一个人的情况,你想给Bob访问,但是暂停Eve看不到它。
这是DRM,它不起作用。
I have a database that contains sensitive information. I can encrypt / decrypt the data on the read write operations. The problem is that I need to store the key in the application. If someone has hacked their way in such they have access to the database then they can also grab the application (java) decomplie it and pull the key.
This seems like a speed bump at best. What other solutions are available?
The only thing you can do is make it difficult to extract the key from your application. You can't make it impossible. If you give someone a box with contents that you're trying to protect, you have to give them the key if you want them to be able to access the contents. Once you give them the key they can do whatever they want… if they take the trouble of finding the key.
This is a case of Bob and Eve being the same person, you want to give Bob access but stop Eve from seeing it.
This is DRM, it doesn't work.
这篇关于好的,所以我加密了我的数据,现在我在哪里隐藏密钥?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!