如何隐藏使用 Java 桌面应用程序构建并由 Android 应用程序使用的文件的内容?
我正在构建一个工具,使教师能够使用 Java 桌面应用程序创建练习。练习由问题及其答案组成,并保存到单个文件中。
学生们将此文件导入到 Android 应用程序中。
当然不能允许学生查看练习文件的内容,因为这会给他们问题的答案。那么,如何隐藏使用 Java 桌面应用程序构建并由 Android 应用程序使用的文件的内容呢?
我的第一个想法是使用对称加密来加密文件,并将密码硬编码到 Java 桌面应用程序和 Android 应用程序中,但是我认为对 Java 桌面应用程序进行简单的逆向工程将很快泄露密码。我的下一个想法是使用某种公钥加密,将私钥硬编码到 Android 应用程序中,但在不确定的情况下,我认为也可以对 Android 应用程序进行逆向工程。那么我的策略是什么?有什么明显的解决方案是我无法理解的吗?
编辑 - 附加信息:
- 我想避免使用网络 服务器。
I'm constructing a tool that enable teachers to create exercises by using a Java desktop application. The exercises consists of questions and their answers and are saved to a single file.
The students import this file into an Android app.
The students must naturally not be allowed to view the content of the excercise file as this would give them the answers to the questions. So, how can i conceal the content of a file that is constructed using a Java desktop application and used by an Android app?
My first thought was to encrypt the file using symmetric encryption and the password hardcoded into the Java desktop application and the Android app, however I presume a simple reverse-engineering of the Java desktop application would reveal the password quickly. My next thought was to use some sort of public key encryption, hardcoding the private key into the Android app, but without being certain I assume it is possible to reverse-engineer the Android app as well. So what is my strategy? Is there any obvious solution I just can't wrap my mind into?
Edit - additional info:
- I would like to avoid the usage of web
servers.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
最安全的方法是让问题有 id,然后让 Android 应用程序使用一些远程服务器在运行时检查答案,这样应用程序永远不会知道正确的答案。但你必须开发一个网络服务才能做到这一点。
The most secure way is to let questions have ids and then let android application check the answer in runtime using some remote servers, so that application will never know about the correct answer. But you have to develop a web-service to do it.