45

I'm looking very hard for a possibility to encrypt my sqlite database on Android devices, but I wasn't able to find a satisfying solution.

I need something like a library to reference, in order to have an "on the fly" encryption/decryption of my database, while using the normal sqlite functions.

I don't want to encrypt data before storing.

I don't want to encrypt the whole database file, in order to decrypt it before using.

I know about the following projects:

But I can't find any working example for this stuff.

Btw, I'm absolutely willing to purchase a commercial build, but I have to test it before spending a few hundred dollars.

Did anyone solve this issue on his own?

user4157124
2red13
  • There is no good reason to encrypt the database. If someone wants to access it he can always reverse engineer your application to retrieve the key. – ThiefMaster May 18 '11 at 11:37
  • 18
    No, not if I force the user to type the password while starting the app – 2red13 May 18 '11 at 11:39
  • Can't find any examples for SQLCipher? See https://www.zetetic.net/sqlcipher/sqlcipher-for-android/ – LarsH Aug 28 '21 at 16:28

4 Answers

49

Try the SQLCipher port to Android instead of the regular SQLCipher.

CommonsWare
  • 1
    Using SQLCipher makes my app 8-10MB more bulky, after including the icudt46.zip file for solving compatibility problem. Any other light method to encrypt the database? – Saty Aug 29 '13 at 11:15
  • @Saty: None that I am aware of. – CommonsWare Aug 29 '13 at 11:16
  • How exactly do I download the binary, the Zetetic page leads to a download page with no actual download. – Michael Feb 14 '16 at 02:26
  • 1
    @Michael: Add `compile 'net.zetetic:android-database-sqlcipher:3.3.1-2@aar'` to your `dependencies` in your module's `build.gradle` file. – CommonsWare Feb 14 '16 at 12:27
  • @CommonsWare Oh, hmm. Is it no longer possible to download a zip file and drop files somewhere in my project in Android Studio? – Michael Feb 14 '16 at 16:26
  • @Michael: If you are using Android Studio, you **really** should be using artifacts. If you do not want to rely upon a remote repository like JCenter or Maven Central, presumably you already have set up a local repository for things like the Android Plugin for Gradle (which come from remote repositories by default). If so, you can copy down the AAR and POM and add them to your own local repository, as you did with the Android Plugin for Gradle. – CommonsWare Feb 14 '16 at 16:30
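
As an added example (not part of any post above, and not Zetetic's own sample code): a minimal helper built on the `net.zetetic:android-database-sqlcipher` artifact named in the comment, opening the database with a passphrase the user types at startup, as the asker describes. The class, file, table and column names are hypothetical.

```java
import android.content.ContentValues;
import android.content.Context;
import android.database.Cursor;
import net.sqlcipher.database.SQLiteDatabase;
import net.sqlcipher.database.SQLiteException;
import net.sqlcipher.database.SQLiteOpenHelper;

// Hypothetical helper: class, file, table and column names are made up for this example.
public class EncryptedNotesDb extends SQLiteOpenHelper {
    public EncryptedNotesDb(Context context) {
        super(context, "notes.db", null, 1);
        // Loads SQLCipher's native libraries; must happen before the database is opened.
        SQLiteDatabase.loadLibs(context);
    }

    @Override
    public void onCreate(SQLiteDatabase db) {
        db.execSQL("CREATE TABLE notes (_id INTEGER PRIMARY KEY, body TEXT NOT NULL)");
    }

    @Override
    public void onUpgrade(SQLiteDatabase db, int oldVersion, int newVersion) {
        // Single schema version in this example, nothing to migrate.
    }

    /** Opens (or creates) the database; returns null if it cannot be opened with this passphrase. */
    public SQLiteDatabase unlock(String passphrase) {
        try {
            return getWritableDatabase(passphrase);
        } catch (SQLiteException e) {
            // A wrong passphrase surfaces here: the file does not decrypt to a valid database.
            return null;
        }
    }

    public static long addNote(SQLiteDatabase db, String body) {
        ContentValues values = new ContentValues();
        values.put("body", body);
        return db.insert("notes", null, values);
    }

    public static int countNotes(SQLiteDatabase db) {
        Cursor c = db.rawQuery("SELECT COUNT(*) FROM notes", null);
        try {
            return c.moveToFirst() ? c.getInt(0) : 0;
        } finally {
            c.close();
        }
    }
}
```

The passphrase comes from user input at startup, so no key is embedded in the application package.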
1

litereplica supports encryption using the ChaCha cipher, faster than AES on portable devices.

There are bindings for Android.

To create and open an encrypted database we use a URI like this:

```
"file:/path/to/file.db?cipher=...&key=..."
```
Bernardo Ramos
1

If anyone is still looking:

Override SQLiteOpenHelper function as below:

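```java
@Override
public void onConfigure(SQLiteDatabase db) {
    // PRAGMA key only has an effect on SQLite builds with encryption support, such as SQLCipher.
    db.execSQL("PRAGMA key = 'secretkey'");
}
```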
Zain Aftab
Coder
0
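```java
import android.util.Base64;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

// Encrypts the password with a key derived from the password itself.
private String encrypt(String password) {
    try {
        SecretKeySpec keySpec = generateKey(password);
        // "AES" without mode and padding selects the provider default
        // (ECB with PKCS5 padding on the standard providers).
        Cipher c = Cipher.getInstance("AES");
        c.init(Cipher.ENCRYPT_MODE, keySpec);
        byte[] encVal = c.doFinal(password.getBytes(StandardCharsets.UTF_8));
        return Base64.encodeToString(encVal, Base64.DEFAULT);
    } catch (Exception e) {
        e.printStackTrace();
        return null;
    }
}

// Derives a 256-bit AES key as the SHA-256 digest of the password.
private SecretKeySpec generateKey(String password) throws Exception {
    final MessageDigest digest = MessageDigest.getInstance("SHA-256");
    byte[] bytes = password.getBytes(StandardCharsets.UTF_8);
    digest.update(bytes, 0, bytes.length);
    byte[] key = digest.digest();
    return new SecretKeySpec(key, "AES");
}
```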

I just used the encrypt function to encrypt the password. Here I used the user's password as a key. Therefore I don't need to keep the key inside the application. When the user wants to log in, simply encrypt the password and try to match with the encrypted password in the database and allow them to log in.

greybeard
Sindujan Nirmalan