15
Jul
2010
Core Data and Encryption
by Marcus Zarra
Just a quick post to point out a great article written by Nick Harris of NewsGator fame. He has looked into the issues with Core Data and encryption.
Core Data and Enterprise iPhone Applications – Protecting Your Data
It has always been a difficult question and fortunately Apple has addressed it for us. Even better, Nick has shared the code so we don’t even need to try and discover the solution ourselves.
Thanks Nick!
I’ve just also read the article from Nick als well as the notes from Anthony
http://anthonyvance.com/blog/forensics/ios4_data_protection/
but it answers only the question how to protect data generated on the device itself.
What about if you ship valuable data with your app. I guess you have to encrypt table content in your sqlite database and use a built-in decryption engine?!
I’m always using core data so there is no way to use SQLCipher (http://www.zetetic.net/code/sqlcipher).
As far as I understand relies the built-in hardware encryption from Apple on the fact, that the user uses a passcode!
If you want to ship data then you can consider encrypting the entire file, decrypting it on first launch and putting the decrypted version into the ~/Documents directory.
I used NSValueTransformer to do encryption/decryption using Apples CommonCryptor Toolbox(AES128) so far.
Just checking how this affects US export regulations.
Hi
How can i encrypt a sqlite database?
Thanks in advance ika.
@ikaroweb