Storing API keys in Android, is obfuscation enough?
I'm using the Dropbox API. In the sample app, it includes these lines:
// Replace this with your consumer key and secret assigned by Dropbox.
// Note that this is a really insecure way to do this, and you shouldn't
// ship code which contains your key & secret in such an obvious way.
// Obfuscation is good.
final static private String CONSUMER_KEY = "PUT_YOUR_CONSUMER_KEY_HERE";
final static private String CONSUMER_SECRET = "PUT_YOUR_CONSUMER_SECRET_HERE";
I'm well aware of the mantra 'Secrecy is not Security', and obfuscation really only slightly increases the amount of effort required to extract the keys. I disagree with their statement 'Obfuscation is good'. What should I do to protect the keys then? Is obfuscation good enough, or should I consider something more elaborate?
You can't help it. If the user (attacker) has the protected data and the code that does the unprotection, the user can eventually get access to the data. It's as simple as that. A debugger and a breakpoint at just the right time is all they need. That, and lots of free time and determination.
Whether or not secrecy is good enough for your purposes is up to your business specifics. But generally in the mobile world, if the customer is that worried about their data being stolen, they implement high-level theft and loss controls. Things like remote wipe, mandatory screen lock, etc. I don't think it's up to the application programmer to duplicate all that stuff.
Security can never be perfect, so it's up to you to decide how much work you want to do. You can break the consumer secret into multiple Strings for a simple change that offers a minimal amount of additional security or you can create an algorithm to represent the secret in another way (anything from inserting characters that aren't used every X spaces in the string to modifying each character, perhaps based on the numeric representation).
You have to consider the work vs. benefit. If this is an app that you and a few friends are going to use, then it probably doesn't matter much. If this is going to be an app used by 10 million people, security is obviously more of a concern.
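As an added illustration of the approach the answer above describes (break the secret into several Strings, insert unused characters every X positions, and transform each character based on its numeric value), here is example code that is not from the question, either answer, or the Dropbox sample. The class and method names, the filler character, the seed, and the secret value are all made up for the example; the "encode" step would run once on the developer's machine and only the resulting fragments would ship in the app. As both answers point out, this only raises the effort needed to recover the key from a decompiled APK; anyone with the app has everything needed to run decode().

```java
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

public final class ObfuscatedSecret {

    private static final char FILLER = 'z';        // never occurs in hex output, so it is easy to strip
    private static final int FILLER_EVERY = 4;     // insert a filler after every 4 hex characters
    private static final int FRAGMENT_LENGTH = 7;  // split the result into several Strings

    /** Build-time step: run on the developer's machine; ship only the returned fragments. */
    static String[] encode(String secret, int seed) {
        byte[] raw = secret.getBytes(StandardCharsets.UTF_8);
        StringBuilder hex = new StringBuilder();
        for (int i = 0; i < raw.length; i++) {
            // Position-dependent per-byte transform, then hex so the result stays printable.
            int b = (raw[i] ^ (seed + i)) & 0xFF;
            hex.append(String.format("%02x", b));
        }
        StringBuilder padded = new StringBuilder();
        for (int i = 0; i < hex.length(); i++) {
            padded.append(hex.charAt(i));
            if ((i + 1) % FILLER_EVERY == 0) {
                padded.append(FILLER);             // noise character that decode() discards
            }
        }
        List<String> parts = new ArrayList<>();
        for (int i = 0; i < padded.length(); i += FRAGMENT_LENGTH) {
            parts.add(padded.substring(i, Math.min(padded.length(), i + FRAGMENT_LENGTH)));
        }
        return parts.toArray(new String[0]);
    }

    /** Runtime step: what the shipped app does just before it needs the secret. */
    static String decode(String[] fragments, int seed) {
        StringBuilder joined = new StringBuilder();
        for (String f : fragments) {
            joined.append(f);
        }
        String hex = joined.toString().replace(String.valueOf(FILLER), "");
        byte[] out = new byte[hex.length() / 2];
        for (int i = 0; i < out.length; i++) {
            int b = Integer.parseInt(hex.substring(2 * i, 2 * i + 2), 16);
            out[i] = (byte) ((b ^ (seed + i)) & 0xFF);  // XOR with the same value undoes the transform
        }
        return new String(out, StandardCharsets.UTF_8);
    }

    public static void main(String[] args) {
        String secret = "example-consumer-secret";    // constructed placeholder, not a real key
        int seed = 0x5A;                              // arbitrary constant chosen for the example
        String[] fragments = encode(secret, seed);
        System.out.println("Fragments to paste into the app: " + Arrays.toString(fragments));
        String recovered = decode(fragments, seed);
        System.out.println("Round trip ok: " + secret.equals(recovered));
    }
}
```

In the shipped app, only the fragment array, the seed, and decode() would remain, so a plain string search of the APK no longer finds the secret. The decode() method and its inputs are still in the APK, which is why the answers describe this as a work-versus-benefit trade-off rather than real protection.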