I'm creating a 2d game for Android and i'm using sqlite database for storing game data.Rooted users can change database easily.So i have to encrypt the data and when someone change it i have to understand this.How can i do this?
Asked
Active
Viewed 1.6k times
6
-
4Bear in mind that this will be pointless. Rooted users will be able to get your encryption key out of your app and use that to decrypt whatever you have encrypted. – CommonsWare Jul 08 '12 at 13:40
-
[I (pronoun)](http://en.wikipedia.org/wiki/I_(pronoun)) – Lincoln Hawk Jul 08 '12 at 17:10
-
1possible duplicate of [android database encryption](http://stackoverflow.com/questions/2203987/android-database-encryption) – t0mm13b Jul 09 '12 at 00:23
-
I truly believe that the rooted users can change your database regardless of the encryption. They can get the key to decrypt the db. I'm researching on it as well. Have you found any solutions? – Ender Feb 25 '19 at 03:47
2 Answers
12
Take a look to the SQLCipher project. It is an open source library that provides transparent, secure 256-bit AES encryption of SQLite database files.
The web site offers a tutorial for Android.
Jonathan Naguin
- 14,526
- 6
- 46
- 75
2
SQLCipher + user's password could be the right implementation. We need user's password to encrypt the db rather than using the hard-coded strings.
Ender
- 835
- 1
- 12
- 23