Encryption and Decryption of Data in DataStore for Secure Local Storage

Abstract

The relevance of this study is determined by the growing threats of data leakage in mo-bile applications, where sensitive user information such as tokens, passwords, and API keys are often stored insecurely. Local storage on Android devices remains a critical aspect of ap-plication security, as improper handling of sensitive data can lead to unauthorized access, data breaches, and financial or reputational damage. This research focuses on addressing the problem of insecure storage within Android's DataStore and proposes a secure encryption-based approach to mitigate risks. The problem statement highlights that DataStore, a modern and efficient key-value storage solution for Android applications, lacks built-in encryption mechanisms, leaving sen-sitive information vulnerable to unauthorized access. While DataStore provides an efficient and structured way to store small amounts of persistent data asynchronously, its default im-plementation does not offer protection against potential data exposure in case of device com-promise or malware attacks. This raises the need for additional security measures to ensure that confidential information, such as authentication tokens, remains protected. The objective of this research is to develop and implement a secure method for encrypt-ing sensitive data stored in DataStore. The goal is to integrate an effective encryption mecha-nism that enhances data security without compromising performance or usability in Android applications. The study focuses on AES encryption (Advanced Encryption Standard) using Cipher Block Chaining (CBC) mode with PKCS7 padding to ensure strong protection against unauthorized access. AES encryption is widely recognized for its robustness, and the chosen configuration enhances security by introducing randomization and integrity checks. The methodology involves an in-depth analysis of existing Android storage mechanisms, a comparative evaluation of encryption techniques, and the development of an encryption lay-er integrated with DataStore. The proposed encryption scheme was implemented using Ja-vax.crypto libraries, ensuring compatibility with modern Android security best practices. The research also examines the impact of encryption on application performance, assessing fac-tors such as processing time, storage efficiency, and integration complexity. The results demonstrate that incorporating AES encryption significantly improves the security of sensitive data in DataStore without introducing substantial performance overhead. The experimental implementation confirms that encrypted tokens stored in DataStore remain protected from unauthorized extraction, even in cases where an attacker gains access to the file system. Additionally, the research highlights the importance of proper key management, advocating the use of Android Keystore for securely generating and storing encryption keys. Key conclusions drawn from the study emphasize that encryption is essential for pre-venting unauthorized access to sensitive data stored in DataStore. The implementation of AES-CBC encryption with PKCS7 padding effectively enhances security while maintaining efficiency. Future research directions include exploring more advanced encryption modes, such as AES-GCM, and evaluating their performance trade-offs in real-world applications. The study also recommends further research on user authentication mechanisms to comple-ment data encryption and strengthen overall application security.