英文:
What is the best way to store a sensitive key on an android app?
问题
我必须在我的安卓应用程序中存储一个敏感的密码短语。如果需要,用户可以重新生成该密码短语。
我的第一个想法是将其存储在一个由密码保护的密钥库文件中。
但是这个密码,我应该把它存储在哪里?
我不介意它对我所有的安卓应用程序都是相同的,但我不希望用户能够阅读它。
英文:
I have to store a sensitive passphrase in my android app. That passphrase can be regenerated by a user if needed.
My first idea was to store it in a keystore file protected by a password.
But this password, where should I store it?
I don't care if it's the same for all my android applications but I don't want the users to read it.
答案1
得分: 2
第一个答案是不要这样做。为什么要存储密码?你几乎永远不应该这样做。
如果您是为了与服务器进行身份验证而这样做 - 不要这样做。相反,使用基于令牌的系统,服务器生成令牌并定期刷新。
如果您是为了与客户端进行身份验证 - 我建议使用Android上内置的安全机制。
总的来说,如果您必须存储密码,请不要保存原始密码。对其进行哈希处理,加盐,并存储哈希值。这样,如果您的应用程序受到威胁,攻击者无法获取密码本身,从而无法重复使用。
一旦完成上述操作,如果您有需要保护的密钥,可以查看Android的密钥库系统:https://developer.android.com/training/articles/keystore
英文:
The first answer is not to do this. Why are your storing a password? You should almost never need to do this.
If you are doing it to authenticate with your server- don't. Instead, use a token based system with a token generated by your server and refreshed occassionally.
If you're doing it to authenticate with the client- I'd use the built in secureity on Android.
In general if you MUST store a password, don't save it as is. Hash it, salt it, and store that instead. That way if your app is compromised, they can't get the password itself, which could be reused.
Once all that is done if you have a key that needs to be secured, you can look into Android's keystore system: https://developer.android.com/training/articles/keystore
答案2
得分: 0
当在Android二进制文件(或任何二进制文件)中存储任何敏感值时,请将其视为使其更难以获取。如果有人决心获取密钥、密码或口令,他们将会得到它。你只是让别人更难获取它。
你能做的最好的事情是对你尝试做的事情进行一些服务器端验证。这将是最安全的方式,你还可以通过使只有你的应用程序可以获取该口令来添加额外的保护层。
如果你没有服务器,那么你能做的最好的事情就是将口令和其他信息编译到一个C++库文件中,并从Kotlin或Java中获取它。
如果口令可以由用户更改,为什么不让用户一开始就设置它,而不将其存储在任何地方呢?你可以使用Firebase(基本上是免费的)来进行某种身份验证,并在设备和应用程序安装之间持久保存用户设置的密码。
英文:
When storing any sensitive values in an Android binary file (or any binary file for that matter) think of it as simply making it harder to get to. If someone is determined to get the key or password or passphrase, then they will get it. You are just making it harder for someone to get it.
The best you could do is have some sort of server-side verification for what you are trying to do. This will be the most secure way for you and you can also add an extra layer of protection by making it so that only your app can get that passphrase.
If you do not have a server, then the best you can do is compile the passphrase and other information in a C++ lib file and fetch it from Kotlin or Java.
If though, that passphrase can be changed by a user, why not let the users set it up from the get go and not store it anywhere? You can use Firebase (which is basically free) to have some sort of authentication and also persist user set passwords across devices and app installs.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论