How's it possible that whenever I work with something new in my internship at my company and wonder what's this... You come up with a detailed video on that one !! 😱. Philipp Op

I've used EncryptedSharedPref on my projects and was wondering to create a Security Class like this to use KeyStore on regular files. This is a complete & well explained guide for that. Thanks for sharing your knowledge with community Philipp.

Damn... you're seriously carrying the flag for Android development advocacy. Much props! Keep going. You should be working for Google haha. (but I'm sure your aspirations are much bigger)

There are so many things you teach us. You are truly a Hero for us. 🎉

Hey Philipp, u r getting more likes within 7mins for a 27mins video. U r dng a good job man!

It would be great if you use the images or a short presentation slides or animation for better understanding. This is still the best channel out there .

Thank you very very much Phillip, your videos help us alot, your contribution is very very valuable to us. Keep inspiring the android dev community 🙏🏽

This video is helped me a lot. I didn't know about encryption and decryption specifically before. After I watched this, at least I know them and those implementation on Android. Super cool!

At time 12:00, you mention that we can get existing key from keystore. But while creating a new key, we're not mentioning our keystore anywhere. So how does this keystore know which key is being created and added against "secret"?

This channel is gold!

Interesting subject. I remember investigating this a couple of years ago, but was put off by the complexity trying to solve this for pre-M-devices. Would be interesting to see your take on that.

Hey Phil, In my Nigerian accent, "You are doing well"😁. Thanks for all you do

Tx Phil for the tutorial, truly hope you get your 100k subs by EOY.

for some reason even after following everything the decrpytion doesnt work, I've also tried cloning your github project & it gives me the same issue, there's not much documentation on this either

Wow, I've been waiting for your video with my coffee. Finally, It's coffee time now☕

Been waiting for this

how to choose between encrypted shared preference and keystore. What are advantages/ disadvantages over each other.

Hi @Phillip, I am your big fan, learning android continuously from your videos. Please make a video on SSL Pining in android.

i am getting bad padding exception

Unbelievable content like always.

aah, i just got into making soft rn and tNice tutorials is so helpful and your voice is so sootNice tutorialng btw! thanks for tNice tutorials tutorial

Hi Philip, please create more videos like this, thank you so much!

With the alias name anyone can read and access keystore keys. How to prevent this???

I have a Verizon device. While I didn't appreciate that I could not root my device, I can appreciate the security of the whole deal.

Love these videos. Do you slow down a bit in your programs? I find it hard to keep up sometimes

Thank dear Philipp. A question, why did you use the output stream parameter in encrypt fun?

Cool, thanks! Looks like this crashes if you try to re-encrypt the same input string (" IV has already been used. Reusing IV in encryption mode violates security best practices"). Is there an explanation for what is wrong in the example here?

Hi Philipp, great guide! How can I do if I would to store and load an encrypted string into/from a Room field? Thank you

Hi Phillip, thanks for the tutorial. But can you please help us understand how to save, get, update and delete EncryptedSharedPreferences?

your content is awesome, but i have a problem that some people can decompile assets folders from apk and stolen my android assets. my question is how to secure the assets folders? best regards

Hey great video! May I know which mac you are using btw?

Instead of saving to a file I can directly save the ByteArray to a datastore right?

Why would Samsung equip this mode onto a touch sensitive device? Imagining the scenario where some person activating the Encryption via butt dial--now--is left permanently scarred with the decision to hard reset their data while losing their files in the process? That's not cool.

which font do you use in android studio?

That's just incredible, thank you man ❤️

Can you do a video on build gradle using KTS

What does iv stands for?

I fucking love you mate!! I saw a lot of videos for soft but tNice tutorials one is handsdown the best one! Love how your super calm and really take

The source code on your github has references to "Username / Password" load and save, but crashes when tried. Was this an oversight?

If an attacker knows "secret", can the SecretKey be loaded and used to decrypt and access your data?

How would that be possible to implement to encrypt / decrypt an app db upon opening and closing an app? Ofc, a user would have to input the pass upon opening the app

Hi, I will like to know if should we save or use inputStream/outPutStream and files to persist the data? Where should we save it?

Great video! Thank you Philipp

Can we write the encoded string to preference datastore?

I wanna encrypt a string & decryption will happen at server side.. what would be good & secure way of implementing it?

Does it make sense for you to encrypt the Room database with SQLCipher? I've been reading information on forums and watching some videos, but I'm really not sure if it's a good practice. Thanks for sharing your expertise.

thanks man !!! you're the best

Greate tutorial, if we.have to encrypt entire app, including all the files, what would be the best way?

Such a shame I probably can't buy your courses from my country. But thank you for your content, I have recently landed my first Android dev job after learning by watching your videos and trying to replicate stuff from them.

Hey dear I want to download a video from 1dm application but when I start downloading the video it says 16 byte AES-128 decryption key in base 64 format is required. Can you please make a video on it.

hey i have very important data encrypted in a format like this it is of a crypto wallet how do decrypt it like it is really important help

Thank you for this video, i was wondering how do we do the same with Asymetric Keys like RSA ?

I am wondering if one could fake my app with the same package name and use the keystore to decrypt files which should only be decrypted from my app.

What about importing midi files because most midis freezes my program. What can I do about it? I'm using soft soft Bundle Pack by

Sir, android encription prevent data recovery?

i have physical image of android phone in binary fromat having file base encryption and i have key also , i want to decrypt that image how should i process further 'please help me on this

in MVVM where should be the CryptoManager?

Hi. I got java.lang.IllegalStateException: IV has already been used. Reusing IV in encryption mode violates security best practices. Can you tell me how to implement this with random IV?

What about using a random salt?

The video is great. you are the best

Not only liked the video, loved it

One request: please make a video on Play Integrity API as a part of this security series. If possible.. Btw lots of thanks.

that was so use full! !

Will be following

Can an app access the key from another app by specifying the key alias?

Would it be possible to email you a question?

Can you do the same thing with pictures? I would like to encrypt and decrypt pictures

YOU ARE THE BEST 👍👍👍👍👍👍

Can u make video on Encrypting and decrypting image in android

THanks for the help. My friend reconded tNice tutorials software and I was very comfused

Bro..if my manifest file written in XML code.. will it be compiled into java byte code or .APK file.. Can some one change the configuration in that .APK file from outside the app for example from another Android app on a device? Because I heard XML is not secure because it can be converted into JSON.. but if it is a java byte code probably it is much secure than XML

Hi Philipp can you make a separate course on Android Security for offline as well as online system cause there are some tools(http canary) which can capture https data. Even ssl pining is useless there are tools which can disable them . Even signature verifications(ultima - a tool that kills every signature protection) are useless these days , using NDK is safe but there are no tutorials on web for the same

Do you know about Op-TEE? If u know can u make a video on this how to integrate OP-TEE in Android studio

The app crashed after I pressed the decrypt button. What am I doing wrong?

@Philipp Lackner , thank you for all your efforts. I learned a lot from you! Please suggest me a book that covers android development topics that helps to learn android in depth(the newer the better). Thanks beforehand 😊

Hello bro i am interested in your multi module android development course. Will there is 25% discount in future again.

هل يوجد ترجمه للغه العربيه

Thanks Philipp Sir 🤟👍👍

Really helped in 19 thx

Day 1 requesting for a Sonar Qube tutorial ✌️

Oh man, you so fucking helped me. Thank you so much!

Nice video. Lets say you encrypt a file and copy it off your device to a server. Your device crashes, breaks, gets lost. Your keystore is gone. How do you read/open the file you copied off the device. Also, is the keystore backed up by google? Can you transfer and use the keystore onto a different device? How to protect yourself from having all your eggs in one basket?

Love you ❤

you are amazing 💯💯💯👌🤚🤚🤚❤❤❤

I ain't got exams per say, but I'm tryna study for an IT certification... TNice tutorials is more important tho

Awesome

ong thats how i am right now

first 😎

I cloned the project from GitHub but when I tried to run the project I am getting a javax.crypto.AEADBadTagException caused by Caused by: android.security.KeyStoreException: Signature/MAC verification failed error

Legend 😍

If anyone is getting following error: "IV has already been used. Reusing IV in encryption mode violates security best practices." I solved it by initializing the encryptCipher each time I try to encrypt something. Like this: private val encryptCipher = Cipher.getInstance(TRANSFORMATION) fun encrypt(bytes: ByteArray, outputStream: OutputStream): ByteArray { encryptCipher.init(Cipher.ENCRYPT_MODE, getKey()) // rest of the code } I don't know if this is correct way to do this but functionality worked correctly after this change.

Phillip 🔥🔥🫂