On Thu, Jul 26, 2012 at 12:55 PM, Dominik Schürmann
<[email protected]> wrote:
> On 26.07.2012 19:47, Guilherme Ramos wrote:
>> Can I consider the SQL database available on Android as a secure
>> information storage for my application?
>> I heard if one roots the device, one can access the whole database without
>> difficulty. Is that correct?
>
> You can use SQLCipher ( https://guardianproject.info/code/sqlcipher/ )
> but then you have to deal with key management.
>
> And even with SQLCipher: A root app can do everything, thus it can also
> read the memory directly. When your SQLCipher db is opened your key will
> be stored in memory.
Be careful since SQLCipher does not detect tampering. I have seen a
lot of this in the field:

    enc_data = ENCRYPT(derived_key, 10)
    SQL_WRITE("Failed Logins Before Wipe", enc_data)

The bad guy can come along and perform the following:

    enc_data ^= 0x1000 0000

Later, enc_data decrypts to some arbitrarily large integer since the
attacker flipped bits without decrypting. "Encryption Alone" is rarely
adequate, and I've only seen two instances where "encryption alone"
was sufficient. First is BitLocker with the Elephant Diffuser ("valid"
CPU instruction streams become the authentication tag); second is
related to ArcotIDs (and the way requests are encrypted and sent to
the server for online validation).

You probably have other problems if the bad guy is manipulating data,
but it's something to think about.

Jeff
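
The failed-login counter case from the message above, as an added example that is not part of the original post: the same single-bit change goes unnoticed when the value is only encrypted and is rejected when an authentication tag is stored and checked. The HMAC-based keystream is a stand-in cipher chosen so the code runs with the standard library alone, and the function names and the `failed_logins_before_wipe` label are hypothetical.

```python
import hashlib, hmac, os, struct

def _keystream(key, nonce, n):
    # Stand-in stream cipher (HMAC-SHA256 in counter mode), an assumption made
    # so this runs offline; real code should use a vetted AEAD such as AES-GCM.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def _xor(data, key, nonce):
    return bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))

def encrypt(key, value):
    nonce = os.urandom(16)
    return nonce + _xor(struct.pack(">I", value), key, nonce)

def decrypt(key, blob):
    return struct.unpack(">I", _xor(blob[16:], key, blob[:16]))[0]

def _tag(mac_key, label, blob):
    # The length-prefixed label binds the ciphertext to the field it belongs to.
    msg = struct.pack(">H", len(label)) + label + blob
    return hmac.new(mac_key, msg, hashlib.sha256).digest()

def seal(enc_key, mac_key, label, value):
    blob = encrypt(enc_key, value)
    return blob + _tag(mac_key, label, blob)

def open_sealed(enc_key, mac_key, label, sealed):
    blob, tag = sealed[:-32], sealed[-32:]
    if not hmac.compare_digest(tag, _tag(mac_key, label, blob)):
        raise ValueError("stored value failed authentication")
    return decrypt(enc_key, blob)

def flip(blob, index, mask):
    out = bytearray(blob)
    out[index] ^= mask
    return bytes(out)

def demo():
    enc_key, mac_key, label = os.urandom(32), os.urandom(32), b"failed_logins_before_wipe"
    unauth = decrypt(enc_key, flip(encrypt(enc_key, 10), 16, 0x10))
    try:
        open_sealed(enc_key, mac_key, label, flip(seal(enc_key, mac_key, label, 10), 16, 0x10))
        return unauth, False
    except ValueError:
        return unauth, True
```

`demo()` returns the value the encryption-only path silently accepts after the change, and whether the authenticated path refused the modified record.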
