保护Coredata对象

Question

I am working on an application which has got some sensitive information. I am aware that it would be difficult for a layman to hack into iphone to get the information. If I use SQLite directly I have something called SQLite Cipher to encrypt / encode the database.

Is there anyway where I can have the same way of encrypting the coredata so it makes it hard for hackers to get into the data.

Can someone shed some light on this?

Thanks in Advance

Answer 1

Core data is now encrypted by default (hardware encryption) on iPhone 3GS and later devices, including iPad. This means that data is automatically encrypted with a hardware key. In iOS 4 or later, by following the steps at Nick Harris' more detailed blog entry , a second layer of encryption (called 'data protection') can be enabled which also uses the user's password to encrypt the hardware key.

All of this depends on users setting a secure passcode and enabling data protection in iOS 4 . If you're a registered apple developer, you can also watch the WWDC 2010 video on "Securing Application Data" in iTunes at this link and look at the PDF of the slides here after entering your developer id and password, for more detailed information about file encryption.

To enable data protection, in your - (NSPersistentStoreCoordinator *)persistentStoreCoordinator call, just change the file attributes of your .sqlite file using the key and value below. See Nick Harris' blog for more detailed code, including how to check to see if iOS 4 or higher is active.

NSURL *storeURL = [[self applicationDocumentsDirectory] URLByAppendingPathComponent:@"MyAppName.sqlite"];
NSString *storePath = [storeURL path];
NSDictionary *fileAttributes = [NSDictionary dictionaryWithObject:NSFileProtectionComplete forKey:NSFileProtectionKey];
[[NSFileManager defaultManager] setAttributes:fileAttributes ofItemAtPath:storePath error:&error]

Answer 2

The Core Data Programming Guide says explicitly that the SQL store type is a little more secure than XML or binary, but is not inherently secure - it recommends an encrypted disk image. Unfortunately, that's a little hard to manage on the iPhone.

What you might consider, if this is a real concern for you, is to build your own persistent store type - the Guide has a section on creating your own atomic store, and refers you to the Atomic Store Programming Topics document. Build a store that takes some key from a user prompt at startup, then initializes with that key for encryption and decryption purposes. (Note that if you take this route, the NSPersistentStore class reference says that subclassing NSPersistentStore directly is not supported in Core Data - you should subclass NSAtomicStore instead.)

Answer 3

If someone is using a jail broken iphone there is absolutely nothing you can do. The functions you are using for encryption and decryption can be hooked to obtain the key/iv used. You can also do nasty things like do full dumps of the flash, keyboard buffer, and other "debug" info.

To make things more difficult you can limit the amount of time a secret is stored on the device. Store secrets on a remote system and transfer them via ssl, delete them when you don't need it. This protects against someone stealing the iphone, jail breaking it, and then dumping the database. I'm not sure if this is an attack that threatens your specific application.

In terms of a "layman" (people who can't read? :) Then you don't have much to worry about. Apple has protection in place to keep installed apps from reading/writing to each others resources.

Answer 4

You can add a category for an entity, which overrides reading and writing values to the persistent store. You can then hook into CommonCrypto routines for private- and public-key encryption and decryption of those values as they are stored and retrieved by your application.