I'm working on developing a library with a set of APIs that developers can latch on to, and then build their Android applications on top of this library. However, I have an issue here. I have an encryption key in the code that I want to protect. So, I want to prevent users from reverse engineering or decompiling my code, and finding out the encryption key.
How do I protect my library? I have searched the internet on this, and the common census seems to be that in spite of obfuscation, complete security cannot be guaranteed and with enough time and patience, a developer can eventually crack the code and sniff out the protected data. However, I am still not able to buy this opinion fully. For example, Qualcomm's Gimbal released an Android SDK (https://docs.gimbal.com/android/v2/devguide.html), and their software pricing is entirely dependent on the fact that developers don't decompile and understand their packet decryption algorithm. Is there a way to enforce protection at a code level, or are we only left with licenses/legal route to protect code IP? -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/android-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/android-developers/785fcd48-a565-443a-972f-d25afa8172b7%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
