Is it necessary to encrypt the sqlite db that goes with your Android app?
3
-
1This is a question you'll need to answer. Do you have a business need for encryption?Michael Petrotta– Michael Petrotta2011-07-17 01:04:45 +00:00Commented Jul 17, 2011 at 1:04
-
Not storing credit card numbers or contact info or anything like that, but there's still data. And I do want the user to have the ability to search the data.Metallicraft– Metallicraft2011-07-17 01:34:31 +00:00Commented Jul 17, 2011 at 1:34
-
If the data is not sensitive, there's no need to encrypt. If the data is sensitive, you'll have to weigh the cost of the release of that data against the cost of implementing encryption. tl;dr: it depends.Michael Petrotta– Michael Petrotta2011-07-17 01:37:40 +00:00Commented Jul 17, 2011 at 1:37
Add a comment
|
1 Answer
As Michael commented, it depends whether the data is required to be encrypted, but in general, it's better to encrypt the data and then store it in the database then encrypt-decrypt the whole database.
3 Comments
Metallicraft
Is there a built-in way to do this or any decent examples that a 4 year old could compr...compreh....co....get?
MByD
You can find a lot here in SO, and here: download.oracle.com/javase/6/docs/api/javax/crypto/… , but in the end, you'll need to decide how to use the tools Java gives you.
Yar
I advise encrypting only the necessary data and store them simply as BLOB. This way - the db is smaller than when storing base64 encoded strings.
