如何防止Assets文件在APK中进行逆向工程 [英] How to prevent Assets files from reverse engineering in APK
问题描述
我有一个与Android开发中的数据安全性有关的问题.现在,我正在一个需要将现有数据库保留在Assets文件夹中的应用程序中工作,因此App可以将其复制到内部可写位置,以避免在首次安装时从服务器下载大量数据库.但不幸的是,使用APK反编译工具可以查看此数据库文件包含的资产文件夹中的文件.有没有一种方法可以防止对我的资产文件进行反编译,以便可以确保我的应用程序中的数据安全性.任何帮助将不胜感激.谢谢.
I've a question related to Data security in Android development. Right now i am working in an application where i need to keep an existing database in assets folder so App can copy it in to the internal writable location to avoid the large database download from server during first time installation. But unfortunately using APK decompiling tool one can view the files in assets folder included this database file. Is there a way to prevent my assets-files from being decompiled so Data security can be assured in my application. Any help would be highly appreciated. Thanks.
推荐答案
简单的答案是否".尽管您可以通过使用一些加密"方案使其变得更困难,但总有某种方式可以使潜在的黑客实现窍门,这意味着您可以使用一些特殊的密钥对数据进行加密,然后使用key
可以使用encode
并decode
您的数据是使事物更安全的更好的地方nactive libs
意味着您使用native
(c,c ++)代码,其中应包含您的敏感数据并生成libs
,这样做您将添加另一层加密,因为反向工程本机库的本机形式本本很难阅读.
Simple answer is no . there will always be some way where a potential hacker can do it's tricks though you can make it harder by using some 'encryption' schemes mean you can encrypt your data with some special key,then with the key
you can encode
and decode
your data so better place to keep things more secure is nactive libs
means you using native
(c,c++) code which should contain your sensitive data and generate libs
, by doing this you are adding an another layer of encryption because reverse engineered native form of native libs are quite hard to read.
这篇关于如何防止Assets文件在APK中进行逆向工程的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!