12-25-2023, 01:59 PM
Secure Api Keys With A Public-Key Cryptography On Android
Published 12/2023
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 1.03 GB | Duration: 2h 22m
Store API Keys on a Backend Server and exchange them Securely with Andorid app, with the help of Android Keystore System
What you'll learn
Public-Key Cryptography
Generate Private/Public Key Pair
Encrypt/Decrypt the Data
Establish a Secure Communication
Secure Exchange of API Keys between Android app and a Server
Android Keystore System
Learn more about Security Concepts in Android
Encrypted Shared Preferences
Learn how to Secure your Android app
Requirements
Basic knowledge about Kotlin and Jetpack Compose
Knowledge about Kobweb Framework is a plus
Description
In this short-length course I will teach you how to securely store API keys in your Android App, without exposing them to the public. With the help of a Public Key Cryptography, Android Keystore System, Encrypted Shared Preferences and our own Backend server, you will achieve exactly that.Public key cryptography, also known as asymmetric cryptography, is a cryptographic approach that uses key pair: public key and private key. Each key pair consists of a public key and a private key that are mathematically related but cannot be derived one from another.This approach will help us to securely exchange the data between a client and a server. API Keys will be initially stored securely on our backend Server. The server and the client will exchange the public key, to encrypt the data, before sending it back to the client.That way we can make sure that no one can read the actual data which is exchanged. Only our Android application will hold the private key to decrypt the data, and securely store the API keys on a device.Android Keystore system is a part of the Android operating system that provides a secure storage facility for cryptographic keys, certificates, and related information. It is designed to protect sensitive data, such as private keys used for encryption and authentication, from unauthorized access.I will provide you with some more detailed information about the Keystore System itself and how does it work. We will utilize that system to securely store the Public Key Pair that is going to be generated for us.So what are you waiting for, let's get started!
Overview
Section 1: Introduction
Lecture 1 Introduction
Section 2: The Basics of Cryptography
Lecture 2 The History of Cryptography
Lecture 3 The Principles of Cryptography
Lecture 4 Symmetric Key Cryptography
Lecture 5 Asymmetric Key Cryptography
Lecture 6 Hash functions
Section 3: Client Application - Android
Lecture 7 Source Code - Android App
Lecture 8 Setup the Project
Lecture 9 Android's Keystore System
Lecture 10 Create KeyPairHandler
Lecture 11 Implement KeyProviderService
Lecture 12 Implement EncryptedPreferences
Lecture 13 Create the MainScreen UI
Lecture 14 Fetch Api Keys and Store them Securely
Section 4: Server Application - Kobweb/Ktor
Lecture 15 Source Code - Kobweb Server
Lecture 16 About Kobweb Framework
Lecture 17 Create DataEncryption object
Lecture 18 Create Key Provider Endpoint
Lecture 19 Let's Test it out!
Section 5: Server Deployment
Lecture 20 Let's Deploy our Server!
Section 6: Security Best Practices
Lecture 21 More Security Advices
Android developers,Security Engineers,People who want to secure their Apps before publishing them on Play Store,Anyone who wants to improve the overall Security of their Apps
HOMEPAGE
DOWNLOAD