Title states everything. I've some sensitive data that's saved in SQLite to have an Android application. I have to have the ability to secure when persisting however also decrypting when deserializing in the database too. Unsure what my choices are on Android for carrying this out?

There's nothing included in Android for encrypting database contents. You are invited to secure/decrypt values yourself and keep encoded material within the database, but that is your decision, and would need to be achieved on the cell-by-cell basis.

For file encryption calculations, Android has javax.crypto built-in.

Also, keep in mind when your file encryption secret is a part of the application, anybody who cares to will have the ability to work through your file encryption.

You might like to have a look at this SO question regarding reading through/writing password-protected zip files. It offers a couple of links with a OSS libraries that perform these tasks. Though you are not always thinking about compression, this might potentially solve the issue of decrypting the db at startup and you could simply write the modified database to the encoded file.

@CommonsWare is completely right for the reason that baking the password/key to your application implies that somebody that wanted to might get at the data. However, It would prevent many people from swiping your computer data through trivial means.

No simple answer here. Guess Ill only use something easy to mangle the column values when serializing.

You can test encripting in SHA1

public static String encriptSHA1(String password){
        String hash = "";

        try {
            MessageDigest md;
            byte[] buffer, digest;

            buffer = password.getBytes();
            md = MessageDigest.getInstance("SHA1");

            digest = md.digest();

            for(byte aux : digest) {
                int b = aux & 0xff;
                if (Integer.toHexString(b).length() == 1) hash += "0";
                hash += Integer.toHexString(b);
        } catch (NoSuchAlgorithmException e) {

        return hash;

If you want to secure your database, your most likely utilizing a log-directly into your application correct for security right? Why don't you have your log-in server store your "secret code" for that file encryption and when they log-in, pull the "secret code" and keep code (inside a public string, to not a real file or preference). By doing this if a person decompile's your application they still will not have the ability to decrypt the information as well as your data is going to be safe.

Then use:

On Destroy() to obvious the code each time the application unloads.