Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Network_Security_in_Android.pdf
Search
ValentineRutto
November 16, 2019
Programming
0
48
Network_Security_in_Android.pdf
ValentineRutto
November 16, 2019
Tweet
Share
More Decks by ValentineRutto
See All by ValentineRutto
Kickstarting your tech career
valentinerutto
1
36
The D in SOLID Principles
valentinerutto
0
210
Consuming Rest Api with retrofit in Android
valentinerutto
0
200
Exposing Network Result Status in MVVM
valentinerutto
0
59
Complex ui animation with Motion layout
valentinerutto
0
87
Tech Opportunities
valentinerutto
1
90
Android paging library
valentinerutto
0
250
Android Room persistence library
valentinerutto
0
150
UI/UX FOR MOBILE
valentinerutto
0
250
Other Decks in Programming
See All in Programming
Stackless и stackful? Корутины и асинхронность в Go
lamodatech
0
830
From Translations to Multi Dimension Entities
alexanderschranz
2
130
php-conference-japan-2024
tasuku43
0
320
「Chatwork」Android版アプリを 支える単体テストの現在
okuzawats
0
180
Spatial Rendering for Apple Vision Pro
warrenm
0
110
Effective Signals in Angular 19+: Rules and Helpers @ngbe2024
manfredsteyer
PRO
0
140
PHPUnitしか使ってこなかった 一般PHPerがPestに乗り換えた実録
mashirou1234
0
230
Go の GC の不得意な部分を克服したい
taiyow
3
800
テストケースの名前はどうつけるべきか?
orgachem
PRO
0
140
Effective Signals in Angular 19+: Rules and Helpers
manfredsteyer
PRO
0
110
Scalaから始めるOpenFeature入門 / Scalaわいわい勉強会 #4
arthur1
1
340
menu基盤チームによるGoogle Cloudの活用事例~Application Integration, Cloud Tasks編~
yoshifumi_ishikura
0
110
Featured
See All Featured
Rails Girls Zürich Keynote
gr2m
94
13k
Unsuck your backbone
ammeep
669
57k
Scaling GitHub
holman
458
140k
Testing 201, or: Great Expectations
jmmastey
40
7.1k
The Language of Interfaces
destraynor
154
24k
Imperfection Machines: The Place of Print at Facebook
scottboms
266
13k
Done Done
chrislema
181
16k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
38
1.9k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
45
2.2k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
191
16k
GraphQLの誤解/rethinking-graphql
sonatard
67
10k
A Modern Web Designer's Workflow
chriscoyier
693
190k
Transcript
Network Security in Android
None
KOKO is mainstreaming liquid bio-ethanol cooking fuel as a fast,
safe and affordable alternative to dirty cooking fuels such as charcoal https://kokonetworks.com
Protecting your app from reverse engineering and man in the
middle attacks
SSL certificate pinning Obfuscation with proguard
SSL Certificate pinning Why SSL Certificate pinning? to prevent man
in the middle attack What is SSL? -Secure Socket Layer - its a protocol that has always been used to encrypt and secure transmitted data between server and client (website and browser).
SSL Certificate pinning What is ssl certificate pinning? is ensuring
that any client SSL request first validates that the server’s certificate exactly matches the bundle’s certificate previously stored in the application.
SSL Certificate pinning
SSL Certificate pinning What steps do we need? • Obtaining
a certificate for the desired host (preferably the whole certificate chain). • Pin the certificate to an instance of DefaultHttpClient
SSL Certificate pinning Get certificate public key from ssllabs This
is the hashed public key of the certificate
SSL Certificate pinning
SSL Certificate pinning
SSL Certificate pinning - Failure
Obfuscation What? -is a process of creating source code in
a form that is hard for human to understand. Why? To prevent reverse engineering To reduce your app size
1. Configure your gradle file (app/gradle) 2. Use default android
proguard rules or create your own 3. Edt your rules Obfuscation Steps
Obfuscated Code
Non-obfuscated code
Resources Proguard android ssl pinning practical proguard rules
Demo….!!!!!! Demo github link
Thank you !!