Encrypting and/or protecting assets within your app

Solar2D General Questions/Discussion
#21

You can check out the AESlua which is quite fast with the new bitOp pluging:

http://forums.coronalabs.com/topic/28934-corona-resource-centre-tutorials-templates-and-more/?view=getnewpost

AES is probably the most secure encryption for lua at the moment.

#22

Perhaps adding PASSWORD support to the recent zip/unzip plugin would be helpful.

:slight_smile:

#23

Simply:

  1. Use a UUID for the device.

  2. Use HMAC to create a hash using some secure value, the UUID and a secret key.

  3. Store the HMAC alongside the cleartext, and require agreement before unlocking whatever your data represents, an IAP entitlement, a high score, whatever. If the hashes don’t match, you’ve detected tampering and are free to zero out that entitlement or privileged data.

#24

Perhaps adding PASSWORD support to the recent zip/unzip plugin would be helpful.

:slight_smile:

#25

Simply:

  1. Use a UUID for the device.

  2. Use HMAC to create a hash using some secure value, the UUID and a secret key.

  3. Store the HMAC alongside the cleartext, and require agreement before unlocking whatever your data represents, an IAP entitlement, a high score, whatever. If the hashes don’t match, you’ve detected tampering and are free to zero out that entitlement or privileged data.