We have an Android application that stores its data in a local SQLite database; primarily for performance, as well as for working offline (since we often find ourselves in areas with a low signal level).
At the moment, the data is stored in an encrypted format (transmitted from our web servers), but this in itself causes a performance problem, for example, if we want to search for records for a specific "last name", we need to decrypt ALL data, rather than using direct SQL query to include where surname = 'Smith'
We cannot (as it costs now) store data in a more friendly "open format", since you can "root" the device, take a copy of the MySQL database, open it and read the data.
Are there any means (maybe someone can provide an example) to password protect the local SQLite database or somehow use encryption so that we can (from the point of view of the application) have an accessible database in an open format, but if any a potential hacker took possession of the device and rooted it ... would it be difficult for them to read our data?
I was looking for a suitable solution and cannot find any parameters for the SQLite database, any third-party software, or any code examples that do this.
source
share