Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How Should I Secure a SQLite Database in iOS?

I'm developing a healthcare iOS app. I'd like my users' data to be encrypted so if their iPhone is stolen, the thief won't be able to access their health info. The rightful owner SHOULD be able to access their information (so different than this question).

I'm considering using SQLCipher to encrypt the entire DB, and putting the SQLCipher password in Keychain.

Is this a good technique?

Also, do I understand correctly that--since everything is on the device--a determined hacker will be able to break in no matter what?

like image 572
Ford Avatar asked Nov 27 '10 15:11

Ford


People also ask

How do I protect SQLite database?

You can password protect a SQLite3 DB. Before doing any operations, set the password as follows. conn = new SQLiteConnection("Data Source=MyDatabase. sqlite;Version=3;Password=password;"); conn.

Can SQLite be used in iOS?

SQLite is highly portable, meaning it can run on almost any platform, including Windows, macOS, Linux, Android, and iOS.

Are SQLite databases secure?

The SQLite Store is a set of database files, which is deployed on the untrusted area. However, data on the SQLite Store are protected with the authenticated encryption scheme, making data tampering and eavesdropping impossible.

Can SQLite be encrypted?

SQLite doesn't support encrypting database files by default. Instead, you need to use a modified version of SQLite like SEE, SQLCipher, SQLiteCrypt, or wxSQLite3.


2 Answers

Aim for two-factor encryption: you should encrypt the DB as described, but require the user to enter in a password each time they launch the application. The DB's key would be a hash of the password, salted with a nonce. Store the password salt in the keychain.

A determined hacker could could get to the encrypted SQLite database through filesystem access. If they were able to break the keychain encryption, they would easily be able to crack the database, but by requiring a password (or passphrase) from the user, it helps against that attack.

like image 199
Jason Avatar answered Nov 10 '22 05:11

Jason


I think that your solution make sens. It gives quite good security and keep your app simple to use.

The main thing you are geting with keychain is that the user backups are secured because keychain content isn't backed up with iphone. (But I guess you know that already)

But this is huge security plus as the potential hacker will have to get physical access to the iphone. Moreover if the iphone is blocked by pin it is likely that the only quick way to get the data out is to physically access the flash memory of the device which isn't the easiest thing to do.

To be honest I don't believe that users will use your app if you force them to enter long passwords. And if you let them use any password their like, hackers will be able to break the database encryption using dictionary attack.

like image 21
Piotr Czapla Avatar answered Nov 10 '22 05:11

Piotr Czapla