Core Data and Encryption

by Marcus Zarra

Just a quick post to point out a great article written by Nick Harris of NewsGator fame. He has looked into the issues with Core Data and encryption.

Core Data and Enterprise iPhone Applications – Protecting Your Data

It has always been a difficult question and fortunately Apple has addressed it for us. Even better, Nick has shared the code so we don’t even need to try and discover the solution ourselves.

Thanks Nick!


I’ve just also read the article from Nick als well as the notes from Anthony
but it answers only the question how to protect data generated on the device itself.
What about if you ship valuable data with your app. I guess you have to encrypt table content in your sqlite database and use a built-in decryption engine?!
I’m always using core data so there is no way to use SQLCipher (http://www.zetetic.net/code/sqlcipher).
As far as I understand relies the built-in hardware encryption from Apple on the fact, that the user uses a passcode!

Marcus Zarra says:

If you want to ship data then you can consider encrypting the entire file, decrypting it on first launch and putting the decrypted version into the ~/Documents directory.

I used NSValueTransformer to do encryption/decryption using Apples CommonCryptor Toolbox(AES128) so far.
Just checking how this affects US export regulations.

ikaroweb says:

How can i encrypt a sqlite database?
Thanks in advance ika.