i am just protecting some images (about 500) i downloaded on sdcard. on the first run it downloads and write each by CipherOutputStream and for the next time it decrypt those images by CipherInputStream. a static key works at the moment
On Aug 26, 3:07 pm, Haravikk <harav...@gmail.com> wrote: > The more important question I think is why are you doing this, what > information are you trying to protect? > It seems like you're adding encryption for the sake of it, but in fact > your solution won't be much more secure against someone determined to > get at the file's contents. If the key is static, then it is easier to > break, but if it changes then it would need to be stored, making it > easier to access. > > One alternative is to generate the secret-key using a sufficiently > hard to guess algorithm, using some information about the device, so > that the key used is very different for every user, reducing the > change of simple comparisons being able to break your encryption. > However, someone clever could still probably figure out how your > encryption works by examining the Java byte-code, as while it's tough > to get your head around it's not impossible to understand. > > Perhaps in your case the effort required to break the encryption might > be more than it's worth to get into the file, but if you let us know > what kind of information you're hoping to store, then perhaps we can > give you some better solutions? If it's something "dangerous", like > payment details or something, then you need the most rock-solid > solution possible, but if it's something minor then encryption may be > a waste of time entirely. > > On Aug 26, 2:46 pm, zeeshan <genx...@gmail.com> wrote: > > > key never change once its been created. > > > as i know SecretKey generates by a funtion as above, how can i set it > > as constant > > can you plz provide example? > > > On Aug 26, 1:39 pm, Sujay Krishna Suresh <sujay.coold...@gmail.com> > > wrote: > > > > On Wed, Aug 26, 2009 at 5:41 PM, zeeshan <genx...@gmail.com> wrote: > > > > > key doesn't change. > > > > can i store keyString in preferences to retrieve for decryption > > > > yes that'd be better than storin it in a file. But better to jus have a > > > constant field in ur class that cointains ur key. > > > > > SecretKey key = KeyGenerator.getInstance("DES").generateKey(); > > > > byte[] keybytes = key.getEncoded(); > > > > String keyString = new String(keybytes); > > > > If u r gonna execute these set of statements then wont the key change?? > > > > > or plz provide any example for the best practice > > > > > On Aug 26, 12:28 pm, Sujay Krishna Suresh <sujay.coold...@gmail.com> > > > > wrote: > > > > > If it is only used by ur application, jus use a String instance to > > > > > hold > > > > the > > > > > key. y store in a file?? > > > > > ll the key change dynamically??? > > > > > > On Wed, Aug 26, 2009 at 4:55 PM, zeeshan <genx...@gmail.com> wrote: > > > > > > > encryption and decryption is the app's internal functionality. user > > > > > > has nothing to do with this > > > > > > i encrypt the file on 1st run and on 2nd run i check if file is > > > > > > there > > > > > > then decrypt and show. > > > > > > so only thing i understand is to store the key somewhere in the app > > > > > > so > > > > > > i can access it for decryption. > > > > > > just wondering if this help > > > > > > File keyFile = new File("data/data/package name/key"); > > > > > > > i followed this link for encryption and decryption > > > > > > >http://www.java2s.com/Tutorial/Java/0490__Security/UsingCipherInputSt. > > > > .. > > > > > > > On Aug 26, 12:11 pm, Sujay Krishna Suresh <sujay.coold...@gmail.com> > > > > > > wrote: > > > > > > > I think its better to ask the user for the secret key rather than > > > > storin > > > > > > it > > > > > > > smwhere. > > > > > > > > On Wed, Aug 26, 2009 at 4:30 PM, zeeshan <genx...@gmail.com> > > > > > > > wrote: > > > > > > > > > Hi Dear, > > > > > > > > > i wrote a small application which encrypt some files using a > > > > > > > > secret > > > > > > > > key. > > > > > > > > i need to decrypt files on 2nd run which requires same key again > > > > > > > > plz advise where should i store the secret key. > > > > > > > > -- > > > > > > > Regards, > > > > > > > Sujay > > > > > > > Mike Ditka < > > > >http://www.brainyquote.com/quotes/authors/m/mike_ditka.html> > > > > > > - > > > > > > > "If God had wanted man to play soccer, he wouldn't have given us > > > > arms." > > > > > > -- > > > > > Regards, > > > > > Sujay > > > > > Pablo Picasso< > > > >http://www.brainyquote.com/quotes/authors/p/pablo_picasso.html> > > > > > - "Computers are useless. They can only give you answers." > > > > -- > > > Regards, > > > Sujay > > > Jonathan > > > Swift<http://www.brainyquote.com/quotes/authors/j/jonathan_swift.html> > > > - "May you live every day of your life." --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers-unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---