we have a java application running on linux. when the app crashes and restarted- we need to recover ( persist ) a very sensitive information that was stored in previous run ( global static var ). no database allowed ( insecure ) . also it's important that no-one can undetectably change this information ( e.g. override a file etc ).
Thanks in advance
To secure the data you need to encrypt it. Use AES-256 in CBC or CTR mode with PKCS7 padding. Do not store the encryption key in your application. You can store the IV/nonce as it does not need to be secure.
To ensure that the data is not changed use HMAC, with SHA-256. You must use a different key for the HMAC than you used for AES.