i am just protecting some images (about 500) i downloaded on sdcard.
on the first run it downloads and write each by CipherOutputStream and
for the next time it decrypt those images by CipherInputStream.
a static key works at the moment
On Aug 26, 3:07 pm, Haravikk <harav...@gmail.com> wrote:
> The more important question I think is why are you doing this, what
> information are you trying to protect?
> It seems like you're adding encryption for the sake of it, but in fact
> your solution won't be much more secure against someone determined to
> get at the file's contents. If the key is static, then it is easier to
> break, but if it changes then it would need to be stored, making it
> easier to access.
>
> One alternative is to generate the secret-key using a sufficiently
> hard to guess algorithm, using some information about the device, so
> that the key used is very different for every user, reducing the
> change of simple comparisons being able to break your encryption.
> However, someone clever could still probably figure out how your
> encryption works by examining the Java byte-code, as while it's tough
> to get your head around it's not impossible to understand.
>
> Perhaps in your case the effort required to break the encryption might
> be more than it's worth to get into the file, but if you let us know
> what kind of information you're hoping to store, then perhaps we can
> give you some better solutions? If it's something "dangerous", like
> payment details or something, then you need the most rock-solid
> solution possible, but if it's something minor then encryption may be
> a waste of time entirely.
>
> On Aug 26, 2:46 pm, zeeshan <genx...@gmail.com> wrote:
>
> > key never change once its been created.
>
> > as i know SecretKey generates by a funtion as above, how can i set it
> > as constant
> > can you plz provide example?
>
> > On Aug 26, 1:39 pm, Sujay Krishna Suresh <sujay.coold...@gmail.com>
> > wrote:
>
> > > On Wed, Aug 26, 2009 at 5:41 PM, zeeshan <genx...@gmail.com> wrote:
>
> > > > key doesn't change.
> > > > can i store keyString in preferences to retrieve for decryption
>
> > > yes that'd be better than storin it in a file. But better to jus have a
> > > constant field in ur class that cointains ur key.
>
> > > > SecretKey key = KeyGenerator.getInstance("DES").generateKey();
> > > > byte[] keybytes = key.getEncoded();
> > > > String keyString = new String(keybytes);
>
> > > If u r gonna execute these set of statements then wont the key change??
>
> > > > or plz provide any example for the best practice
>
> > > > On Aug 26, 12:28 pm, Sujay Krishna Suresh <sujay.coold...@gmail.com>
> > > > wrote:
> > > > > If it is only used by ur application, jus use a String instance to
> > > > > hold
> > > > the
> > > > > key. y store in a file??
> > > > > ll the key change dynamically???
>
> > > > > On Wed, Aug 26, 2009 at 4:55 PM, zeeshan <genx...@gmail.com> wrote:
>
> > > > > > encryption and decryption is the app's internal functionality. user
> > > > > > has nothing to do with this
> > > > > > i encrypt the file on 1st run and on 2nd run i check if file is
> > > > > > there
> > > > > > then decrypt and show.
> > > > > > so only thing i understand is to store the key somewhere in the app
> > > > > > so
> > > > > > i can access it for decryption.
> > > > > > just wondering if this help
> > > > > > File keyFile = new File("data/data/package name/key");
>
> > > > > > i followed this link for encryption and decryption
>
> > > > > >http://www.java2s.com/Tutorial/Java/0490__Security/UsingCipherInputSt.
> > > > ..
>
> > > > > > On Aug 26, 12:11 pm, Sujay Krishna Suresh <sujay.coold...@gmail.com>
> > > > > > wrote:
> > > > > > > I think its better to ask the user for the secret key rather than
> > > > storin
> > > > > > it
> > > > > > > smwhere.
>
> > > > > > > On Wed, Aug 26, 2009 at 4:30 PM, zeeshan <genx...@gmail.com>
> > > > > > > wrote:
>
> > > > > > > > Hi Dear,
>
> > > > > > > > i wrote a small application which encrypt some files using a
> > > > > > > > secret
> > > > > > > > key.
> > > > > > > > i need to decrypt files on 2nd run which requires same key again
> > > > > > > > plz advise where should i store the secret key.
>
> > > > > > > --
> > > > > > > Regards,
> > > > > > > Sujay
> > > > > > > Mike Ditka <
> > > >http://www.brainyquote.com/quotes/authors/m/mike_ditka.html>
> > > > > > -
> > > > > > > "If God had wanted man to play soccer, he wouldn't have given us
> > > > arms."
>
> > > > > --
> > > > > Regards,
> > > > > Sujay
> > > > > Pablo Picasso<
> > > >http://www.brainyquote.com/quotes/authors/p/pablo_picasso.html>
> > > > > - "Computers are useless. They can only give you answers."
>
> > > --
> > > Regards,
> > > Sujay
> > > Jonathan
> > > Swift<http://www.brainyquote.com/quotes/authors/j/jonathan_swift.html>
> > > - "May you live every day of your life."
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers-unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
-~----------~----~----~----~------~----~------~--~---
