在设备本地存储数据 [英] Storing data locally on device

问题描述

我在做一个应用程序，用户可以存储设备上的数据。我想使用数据库存储。但我一直在读书的地方，它是可以操纵本地存储设备上的数据。那么，什么是避免上的数据这样的攻击的最佳方式？我一直在思考有关数据库中每个字段加密，但再后来我不得不在设备上存储的加密密钥，以及（？），这又猜我能在什么位置？因此，没有人有我的想法任何其他的想法/ improvent？

感谢您的帮助！

解决方案

  

我正在寻找一种方法，使一个巨大的挑战

接受挑战：）

你应该做的第一件事就是将数据存储在您的应用程序目录，因为它是不便于常规设备上的用户/其他应用程序。链接应用数据CON从上下文例如获得<一href=\"http://developer.android.com/reference/android/content/Context.html#getDir%28java.lang.String,%20int%29\"相对=nofollow> Context.html＃GETDIR（） 。您从环保得到的目录是公开的。

这prevents从获取数据的普通用户。但很多人已经根深蒂固的设备，可以没有问题访问数据，所以这仍然是pretty不安全的。

要使它成为很多困难，你需要加密。任何强大的加密是无法从根本上打破像WEP一样会做。使用加密强制用户找到因为加密的数据的密钥（和加密方法）不能在合理的时间内进行解密。

这导致其可用密钥某处您的应用程序而不是用户的问题。而这正是你需要获得创意，因为有做，没有羊城通的部分。

最简单的方法是将明文的关键在你的应用程序code。像私有静态最后弦乐SECRET =42。通过简单地已经加密的文件，你会已从进一步深挖，因为在这一点上，你需要一些编程技巧​​来读取数据阻止大多数用户。

如果用户拥有这些技能，他可能会开始看你的应用程序的code（例如使用的 dex2jar + JD-GUI ）。如果你想知道它是如何努力扭转工程师您的应用程序，你也应该这样做。

了解code /找到加密方法+密码将变得更加困难，如果您使用的ProGuard混淆了code，因为应用程序内部的讲座，并于方法的变量名称将缩短到 ABC（D）像code。但方法调用Android的API不能被重命名，因为你需要重新命名的设备上的方法。另外字符串常量，比如42将不会改变。

使其更难的下一步骤是，以取代由你的code动态生成的东西常数。下面例子中的基本的例子建立由除以二的数字密码。使用这种方法时，优点是密码不再存储在纯文本，你需要了解/反向工程的数据转换成密码的方式。

 私有静态最后字节[] PASSWORD = {8,4};
私有String getPassword来（字节[]数据）{
    StringBuilder的SB =新的StringBuilder（）;
    对于（BYTE B：数据）{
        sb.append（将String.valueOf（B / 2））;
    }
    返回sb.toString（）;
}
//返回42如果我没有犯错
 

接下来的脆弱的一点是，调用设备加密的API可以很容易地定位（因为它们不能被重命名），这使得它更容易找出哪里寻找加密。如果你不想写自己的加密方法，我强烈建议你不要因为这里有轻微的错误可能损坏数据或打破完全加密。

这问题可以，如果你使用例如反射（调用通过提供在字符串提供的方法/类的名称的方法）进行硬化。这字符串可以同时进行模糊处理像上面的例子中，密码一样。

如果你做的一切，并且不使用没有这一个简单的方法你可以把它真的很难。 dexguard 比如可以为你做的，但它不是免费的，并且具有相同的方法用于问题许多应用程序和更多的人会试图打破比你自定义的方法。

找到一个好的方法来隐藏用于生成密钥并隐藏密钥生成和放大器的方法在您的应用程序信息;加密/解密自己最好想出这样的方法本身是不为公众所知。

您可以使用结合了大量的技术来隐藏像移动的部分纳入本地code中的信息，所以Java的家伙和我一样有困难时期或使用网络连接，让您的服​​务器做一些工作。

但最终这一切都安全通过隐藏以及所有的额外安全措施不为用户带来好处，但需要额外的处理时间和放大器;额外的应用程序的大小。

I'm making an application where users can store data on the device. I was thinking about using database storage. But I've been reading somewhere that it is possible to manipulate data that is stored locally on the device. So what would be the best way to avoid such "attack" on the data? I have been thinking about encrypting each field in the database, but again then I have to store an encryption key on the device as well(?), which again I guess can be located? So does anyone have any other ideas/improvent of my thoughts?

Thanks for any help!

解决方案

I'm looking for a way to make it a big challenge

Challenge accepted :)

The first thing you should do is to store the data in your app directory since it is not readable for the user / other apps on a regular device. Links to app data con be obtained from Context e.g. Context.html#getDir(). The directories you get from Environment are public.

That prevents average users from getting the data. But a lot of people have rooted devices and can access the data without problems, so that is still pretty insecure.

To make it a lot harder you'll need encryption. Any strong encryption that is not fundamentally broken like WEP will do. Using encryption you force the user to find the key (and encryption method) since the encrypted data can't be decrypted in reasonable time.

That leads to the problem of having a secret key somewhere available to your app but not the user. And this is the part where you need to get creative since there is no secure way to do that.

The simplest way is to put the key in plaintext in your app code. Like private static final String SECRET = "42". By simply having encrypted files you will already stop most users from digging further since at that point you need some programming skills to read the data.

If the user has those skills he will likely start to look at the code of your app (using e.g. dex2jar + jd-gui). You should do the same if you want to know how hard it is to reverse engineer your app.

Understanding the code / finding the encryption method + password will get harder if you use proguard to obfuscate the code because app internal class-, method- and variable names will be shortened to A.B.c(d) like code. But method calls to Android's API can't be renamed since you would need to rename the methods on the device. Also string constants like "42" won't be changed.

The next step of making it harder is to replace that constant by something dynamically generated by your code. The basic example below for example builds the password by dividing numbers by two. The advantage when using this approach is that the password is no longer stored in plaintext and you need to understand / reverse engineer the method that converts the data into the password.

private static final byte[] password = {8, 4};
private String getPassword(byte[] data) {
    StringBuilder sb = new StringBuilder();
    for (byte b : data) {
        sb.append(String.valueof(b / 2));
    }
    return sb.toString();
}
// returns "42" if I did not make a mistake

The next vulnerable point is that calls to device crypto APIs can be easily located (since they can't be renamed) which makes it a lot easier to figure out where to look for the encryption. If you don't want to write your own crypto method which I would strongly suggest you don't because a slight error in here may corrupt data or break the complete encryption.

That problem can be hardened if you use reflection for example (calling methods by supplying the name of the method / class supplied in a String). That String can as well be obfuscated like above example did with the password.

If you do all that and don't use a method not as simple as this one you can make it really hard. dexguard for example can do that for you but it's not free and has the problem that the same method is used for many apps and a lot more people will try to break that than your custom method.

Finding a good method to hide information in your app that is used to generate a key and a method to hide the key generation & encryption / decryption is best figured out by yourself so the method itself is not public knowledge.

You can use combine a lot of techniques to hide the information like moving parts of that into native code so Java guys like me have a hard time or use a network connection to let your server do some work.

But in the end it's all Security through obscurity and all the extra security measures don't benefit the user but require extra processing time & additional app size.

这篇关于在设备本地存储数据的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！