How's it possible that whenever I work with something new in my internship at my company and wonder what's this... You come up with a detailed video on that one !! 😱. Philipp Op
I've used EncryptedSharedPref on my projects and was wondering to create a Security Class like this to use KeyStore on regular files. This is a complete & well explained guide for that. Thanks for sharing your knowledge with community Philipp.
Damn... you're seriously carrying the flag for Android development advocacy. Much props! Keep going. You should be working for Google haha. (but I'm sure your aspirations are much bigger)
It would be great if you use the images or a short presentation slides or animation for better understanding. This is still the best channel out there .
Then I could probably only upload once a week or less frequently. Still interested? I think most people would pick 2 videos a week instead at 90% quality than one video at 100
This video is helped me a lot. I didn't know about encryption and decryption specifically before. After I watched this, at least I know them and those implementation on Android. Super cool!
Interesting subject. I remember investigating this a couple of years ago, but was put off by the complexity trying to solve this for pre-M-devices. Would be interesting to see your take on that.
At time 12:00, you mention that we can get existing key from keystore. But while creating a new key, we're not mentioning our keystore anywhere. So how does this keystore know which key is being created and added against "secret"?
aah, i just got into making soft rn and tNice tutorials is so helpful and your voice is so sootNice tutorialng btw! thanks for tNice tutorials tutorial
Get a coffee for Philip too! ua-cam.com/users/redirect?event=video_description&redir_token=QUFFLUhqa0JpcHBjcU9WOVFkbThlQjVjeDhuemlvRmxTZ3xBQ3Jtc0tsdlhYdTBmY1ZvWjZTRTVnRDROZXRLWHZlQWNsWUQwdU4zRUxHWjlreDBqdUdTZEhKTndlRFhQazRtZXVZYUd3aW1MVTh1R3ZRWDhZUlRDVUx6ZWllNHlsNzAtNDNpQUE5N3lXOVRtUzFRS3BaU3d5Yw&q=https%3A%2F%2Fwww.buymeacoffee.com%2Fphilipplackner&v=aaSck7jBDbw
Cool, thanks! Looks like this crashes if you try to re-encrypt the same input string (" IV has already been used. Reusing IV in encryption mode violates security best practices"). Is there an explanation for what is wrong in the example here?
@@PhilippLackner Yes that worked. For reference: fun encrypt(bytesIn: ByteArray, outputStream: OutputStream): ByteArray { val cipher = encryptCipher() //
@@ubersticks I meant the code for the encryptCipher transformed to function but I figured it out. Here is my code if anyone else needs it in the future: private fun getEncryptCipher(): Cipher { return Cipher.getInstance(TRANSFORMATION).apply { init(Cipher.ENCRYPT_MODE, getSecretKey()) } }
your content is awesome, but i have a problem that some people can decompile assets folders from apk and stolen my android assets. my question is how to secure the assets folders? best regards
Does it make sense for you to encrypt the Room database with SQLCipher? I've been reading information on forums and watching some videos, but I'm really not sure if it's a good practice. Thanks for sharing your expertise.
@Philipp Lackner , thank you for all your efforts. I learned a lot from you! Please suggest me a book that covers android development topics that helps to learn android in depth(the newer the better). Thanks beforehand 😊
Such a shame I probably can't buy your courses from my country. But thank you for your content, I have recently landed my first Android dev job after learning by watching your videos and trying to replicate stuff from them.
Thanks, but why not? Assuming you're from Russia, you could still get them by using a VPN + entering a different country during checkout.. Had some customers who did this and it worked well. Of course only if you don't need the invoice as business expense or so
@@PhilippLackner Yeah, I thought of that way too, but I am currently studying at university, so I wonder if I'll have time to travel to another country before next summer. I wonder if I can somehow bypass all this stuff with a SIM card that came from a different country, that would be way easier. I'm coming for dat Compose course sooner or later though ヽ(ಠ_ಠ)ノ
Why would Samsung equip this mode onto a touch sensitive device? Imagining the scenario where some person activating the Encryption via butt dial--now--is left permanently scarred with the decision to hard reset their data while losing their files in the process? That's not cool.
for some reason even after following everything the decrpytion doesnt work, I've also tried cloning your github project & it gives me the same issue, there's not much documentation on this either
How would that be possible to implement to encrypt / decrypt an app db upon opening and closing an app? Ofc, a user would have to input the pass upon opening the app
i have physical image of android phone in binary fromat having file base encryption and i have key also , i want to decrypt that image how should i process further 'please help me on this
Hi Philipp can you make a separate course on Android Security for offline as well as online system cause there are some tools(http canary) which can capture https data. Even ssl pining is useless there are tools which can disable them . Even signature verifications(ultima - a tool that kills every signature protection) are useless these days , using NDK is safe but there are no tutorials on web for the same
Hey dear I want to download a video from 1dm application but when I start downloading the video it says 16 byte AES-128 decryption key in base 64 format is required. Can you please make a video on it.
Nice video. Lets say you encrypt a file and copy it off your device to a server. Your device crashes, breaks, gets lost. Your keystore is gone. How do you read/open the file you copied off the device. Also, is the keystore backed up by google? Can you transfer and use the keystore onto a different device? How to protect yourself from having all your eggs in one basket?
Nope, then you gotta manage your own key, but also carry the risks. You can't have both the advantages of having a key that can't leave the device and being 100% flexible
Hi. I got java.lang.IllegalStateException: IV has already been used. Reusing IV in encryption mode violates security best practices. Can you tell me how to implement this with random IV?
Bro..if my manifest file written in XML code.. will it be compiled into java byte code or .APK file.. Can some one change the configuration in that .APK file from outside the app for example from another Android app on a device? Because I heard XML is not secure because it can be converted into JSON.. but if it is a java byte code probably it is much secure than XML
I cloned the project from GitHub but when I tried to run the project I am getting a javax.crypto.AEADBadTagException caused by Caused by: android.security.KeyStoreException: Signature/MAC verification failed error
If anyone is getting following error: "IV has already been used. Reusing IV in encryption mode violates security best practices." I solved it by initializing the encryptCipher each time I try to encrypt something. Like this: private val encryptCipher = Cipher.getInstance(TRANSFORMATION) fun encrypt(bytes: ByteArray, outputStream: OutputStream): ByteArray { encryptCipher.init(Cipher.ENCRYPT_MODE, getKey()) // rest of the code } I don't know if this is correct way to do this but functionality worked correctly after this change.
How's it possible that whenever I work with something new in my internship at my company and wonder what's this... You come up with a detailed video on that one !! 😱. Philipp Op
I secretly listen to your conversations
@@PhilippLackner ouu 😶. I'll encrypt my conversations in keystore from the next time onwards 🌚.
@@snehilsinha5624 lol, from that point onwards, you will no longer have videos u need :( :D
@@RickertBrandsen 🥲
I face the same situation 😃
I've used EncryptedSharedPref on my projects and was wondering to create a Security Class like this to use KeyStore on regular files. This is a complete & well explained guide for that. Thanks for sharing your knowledge with community Philipp.
Damn... you're seriously carrying the flag for Android development advocacy. Much props! Keep going. You should be working for Google haha. (but I'm sure your aspirations are much bigger)
Haha thank you, but in regards to Google I'll pass
Thank you very very much Phillip, your videos help us alot, your contribution is very very valuable to us.
Keep inspiring the android dev community 🙏🏽
Glad my stuff helps!
Speak for yourself...
I find that Philipp's tutorials are not valuable.
;)
They are absolutely priceless!!!
Hey Philipp, u r getting more likes within 7mins for a 27mins video. U r dng a good job man!
Thank you!
There are so many things you teach us. You are truly a Hero for us. 🎉
It would be great if you use the images or a short presentation slides or animation for better understanding. This is still the best channel out there .
Then I could probably only upload once a week or less frequently. Still interested? I think most people would pick 2 videos a week instead at 90% quality than one video at 100
This video is helped me a lot. I didn't know about encryption and decryption specifically before. After I watched this, at least I know them and those implementation on Android. Super cool!
Interesting subject. I remember investigating this a couple of years ago, but was put off by the complexity trying to solve this for pre-M-devices. Would be interesting to see your take on that.
I need to create a video/blog for pre-M devices. But is it worth it now? Are people even targeting apps for devices below android 6?
This channel is gold!
Love these videos. Do you slow down a bit in your programs? I find it hard to keep up sometimes
Thank dear Philipp. A question, why did you use the output stream parameter in encrypt fun?
Hi @Phillip, I am your big fan, learning android continuously from your videos. Please make a video on SSL Pining in android.
Hey great video! May I know which mac you are using btw?
Tx Phil for the tutorial, truly hope you get your 100k subs by EOY.
At time 12:00, you mention that we can get existing key from keystore. But while creating a new key, we're not mentioning our keystore anywhere. So how does this keystore know which key is being created and added against "secret"?
Hi Philip, please create more videos like this, thank you so much!
Hey Phil, In my Nigerian accent, "You are doing well"😁. Thanks for all you do
aah, i just got into making soft rn and tNice tutorials is so helpful and your voice is so sootNice tutorialng btw! thanks for tNice tutorials tutorial
Hi Philipp, great guide!
How can I do if I would to store and load an encrypted string into/from a Room field?
Thank you
I have a Verizon device.
While I didn't appreciate that I could not root my device, I can appreciate the security of the whole deal.
how to choose between encrypted shared preference and keystore. What are advantages/ disadvantages over each other.
Unbelievable content like always.
Wow, I've been waiting for your video with my coffee. Finally, It's coffee time now☕
Get a coffee for Philip too! ua-cam.com/users/redirect?event=video_description&redir_token=QUFFLUhqa0JpcHBjcU9WOVFkbThlQjVjeDhuemlvRmxTZ3xBQ3Jtc0tsdlhYdTBmY1ZvWjZTRTVnRDROZXRLWHZlQWNsWUQwdU4zRUxHWjlreDBqdUdTZEhKTndlRFhQazRtZXVZYUd3aW1MVTh1R3ZRWDhZUlRDVUx6ZWllNHlsNzAtNDNpQUE5N3lXOVRtUzFRS3BaU3d5Yw&q=https%3A%2F%2Fwww.buymeacoffee.com%2Fphilipplackner&v=aaSck7jBDbw
Hi Phillip, thanks for the tutorial. But can you please help us understand how to save, get, update and delete EncryptedSharedPreferences?
Cool, thanks! Looks like this crashes if you try to re-encrypt the same input string (" IV has already been used. Reusing IV in encryption mode violates security best practices"). Is there an explanation for what is wrong in the example here?
Ohh, you might need to make the encrypt cipher a function instead, so it generates a new one when you re-access it. Sorry my bad
@@PhilippLackner Yes that worked. For reference:
fun encrypt(bytesIn: ByteArray, outputStream: OutputStream): ByteArray {
val cipher = encryptCipher() //
@@ubersticks can you please show us what the encryptCipher() looks like now ?
@@simonanikolova1719 see the previous reply -- it has the function
@@ubersticks I meant the code for the encryptCipher transformed to function but I figured it out. Here is my code if anyone else needs it in the future:
private fun getEncryptCipher(): Cipher {
return Cipher.getInstance(TRANSFORMATION).apply {
init(Cipher.ENCRYPT_MODE, getSecretKey())
}
}
Greate tutorial, if we.have to encrypt entire app, including all the files, what would be the best way?
Been waiting for this
That's just incredible, thank you man ❤️
I fucking love you mate!! I saw a lot of videos for soft but tNice tutorials one is handsdown the best one! Love how your super calm and really take
your content is awesome, but i have a problem that some people can decompile assets folders from apk and stolen my android assets. my question is how to secure the assets folders?
best regards
Does it make sense for you to encrypt the Room database with SQLCipher? I've been reading information on forums and watching some videos, but I'm really not sure if it's a good practice.
Thanks for sharing your expertise.
Great video! Thank you Philipp
THanks for the help. My friend reconded tNice tutorials software and I was very comfused
@Philipp Lackner , thank you for all your efforts. I learned a lot from you! Please suggest me a book that covers android development topics that helps to learn android in depth(the newer the better). Thanks beforehand 😊
With the alias name anyone can read and access keystore keys. How to prevent this???
One request: please make a video on Play Integrity API as a part of this security series.
If possible..
Btw lots of thanks.
Thank you for this video, i was wondering how do we do the same with Asymetric Keys like RSA ?
thanks man !!! you're the best
Hi, I will like to know if should we save or use inputStream/outPutStream and files to persist the data? Where should we save it?
Such a shame I probably can't buy your courses from my country.
But thank you for your content, I have recently landed my first Android dev job after learning by watching your videos and trying to replicate stuff from them.
Thanks, but why not? Assuming you're from Russia, you could still get them by using a VPN + entering a different country during checkout.. Had some customers who did this and it worked well. Of course only if you don't need the invoice as business expense or so
@@PhilippLackner Yeah, I thought of that way too, but I am currently studying at university, so I wonder if I'll have time to travel to another country before next summer.
I wonder if I can somehow bypass all this stuff with a SIM card that came from a different country, that would be way easier.
I'm coming for dat Compose course sooner or later though ヽ(ಠ_ಠ)ノ
@@АрсенийСтучинский-в1ъ who speaks of traveling to another country 😅 stay where you are and enter something else together with an active VPN
@@PhilippLackner oh, I misunderstood the "entering from another country" part :D
Alright, I'll check out how this is done later, thanks
@@АрсенийСтучинский-в1ъ lmao, no I mean during checkout just selecting a country different from russia😂
Not only liked the video, loved it
Why would Samsung equip this mode onto a touch sensitive device? Imagining the scenario where some person activating the Encryption via butt dial--now--is left permanently scarred with the decision to hard reset their data while losing their files in the process? That's not cool.
i am getting bad padding exception
Will be following
for some reason even after following everything the decrpytion doesnt work, I've also tried cloning your github project & it gives me the same issue, there's not much documentation on this either
If an attacker knows "secret", can the SecretKey be loaded and used to decrypt and access your data?
The video is great. you are the best
Instead of saving to a file I can directly save the ByteArray to a datastore right?
I wanna encrypt a string & decryption will happen at server side.. what would be good & secure way of implementing it?
Do you know about Op-TEE? If u know can u make a video on this how to integrate OP-TEE in Android studio
that was so use full! !
How would that be possible to implement to encrypt / decrypt an app db upon opening and closing an app? Ofc, a user would have to input the pass upon opening the app
YOU ARE THE BEST 👍👍👍👍👍👍
i have physical image of android phone in binary fromat having file base encryption and i have key also , i want to decrypt that image how should i process further
'please help me on this
Thanks everyone
Hi Philipp can you make a separate course on Android Security for offline as well as online system cause there are some tools(http canary) which can capture https data. Even ssl pining is useless there are tools which can disable them . Even signature verifications(ultima - a tool that kills every signature protection) are useless these days , using NDK is safe but there are no tutorials on web for the same
Oh man, you so fucking helped me. Thank you so much!
hey i have very important data encrypted in a format like this it is of a crypto wallet how do decrypt it like it is really important help
The source code on your github has references to "Username / Password" load and save, but crashes when tried. Was this an oversight?
Can you do a video on build gradle using KTS
Hey dear I want to download a video from 1dm application but when I start downloading the video it says 16 byte AES-128 decryption key in base 64 format is required. Can you please make a video on it.
Really helped in 19 thx
Nice video. Lets say you encrypt a file and copy it off your device to a server. Your device crashes, breaks, gets lost. Your keystore is gone. How do you read/open the file you copied off the device. Also, is the keystore backed up by google? Can you transfer and use the keystore onto a different device? How to protect yourself from having all your eggs in one basket?
Nope, then you gotta manage your own key, but also carry the risks. You can't have both the advantages of having a key that can't leave the device and being 100% flexible
@@PhilippLacknerwhy not also use a random salt
Thanks Philipp Sir 🤟👍👍
You're welcome
What about importing midi files because most midis freezes my program. What can I do about it? I'm using soft soft Bundle Pack by
in MVVM where should be the CryptoManager?
you are amazing 💯💯💯👌🤚🤚🤚❤❤❤
Day 1 requesting for a Sonar Qube tutorial ✌️
Hello bro i am interested in your multi module android development course. Will there is 25% discount in future again.
Sorry I don't often have discounts. Surely there will be on future, but not in the next months
I am wondering if one could fake my app with the same package name and use the keystore to decrypt files which should only be decrypted from my app.
Hi. I got java.lang.IllegalStateException: IV has already been used. Reusing IV in encryption mode violates security best practices.
Can you tell me how to implement this with random IV?
Love you ❤
which font do you use in android studio?
Can u make video on Encrypting and decrypting image in android
What does iv stands for?
Can we write the encoded string to preference datastore?
Sir, android encription prevent data recovery?
Can you do the same thing with pictures? I would like to encrypt and decrypt pictures
sure, the computer only knows bytes
@@PhilippLackner So, I can follow this example and use your class to encrypt/decrypt pictures?
Would it be possible to email you a question?
Bro..if my manifest file written in XML code..
will it be compiled into java byte code or .APK file..
Can some one change the configuration in that .APK file from outside the app for example from another Android app on a device?
Because I heard XML is not secure because it can be converted into JSON..
but if it is a java byte code probably it is much secure than XML
manifests don't get compiled, besides, even if someone were to manipulate the manifest file, there's little they can do
What about using a random salt?
The app crashed after I pressed the decrypt button. What am I doing wrong?
Awesome
🔥🔥🔥
Can an app access the key from another app by specifying the key alias?
Of course not 😅
I ain't got exams per say, but I'm tryna study for an IT certification... TNice tutorials is more important tho
هل يوجد ترجمه للغه العربيه
ong thats how i am right now
first 😎
Legend 😍
Brilliant stuff
I cloned the project from GitHub but when I tried to run the project I am getting a javax.crypto.AEADBadTagException caused by Caused by: android.security.KeyStoreException: Signature/MAC verification failed error
I had the same
If anyone is getting following error:
"IV has already been used. Reusing IV in encryption mode violates security best practices."
I solved it by initializing the encryptCipher each time I try to encrypt something.
Like this:
private val encryptCipher = Cipher.getInstance(TRANSFORMATION)
fun encrypt(bytes: ByteArray, outputStream: OutputStream): ByteArray {
encryptCipher.init(Cipher.ENCRYPT_MODE, getKey())
// rest of the code
}
I don't know if this is correct way to do this but functionality worked correctly after this change.
Same Issue , it's right way to do ? Have to change only the random IV not the key
Phillip 🔥🔥🫂
I have javax.crypto.BadPaddingException at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal when I decrypted. Whats wrong?
I received the same crash .. any one know the solution ?! please I need help
@Phillip can u support us please