<ol> <li>What I can do if I want to protect my app's database?</li> <li>What do I need to know for using SQLCipher?</li> </ol>

Implementing addition protection for users’ data is a really good idea especially when application have a deal with users’ finance information, secure notes, passwords, e.t.c. By default an data base is not encrypted. Its only form of protection is that it is sandboxed from other applications. For this purpose you can use one of the following way: <ul> <li> Using NSFileProtectionKey <ul> <li>This approach helps to to keep the data from being accessible if the user loses the phone.</li> <li><code>NSDictionary *storeOptions = @{ NSPersistentStoreFileProtectionKey : NSFileProtectionComplete };</code></li> <li><code>[coordinator addPersistentStoreWithType:NSSQLiteStoreType configuration:nil URL:[self storeURL] options:storeOptions error:&error])</code></li> <li> <code>NSFileProtectionComplete</code> - The file is stored in an encrypted format on disk and cannot be read from or written to while the device is locked or booting.</li> <li>If no passcode is set or an attacker can unlock the device by gaining physical access, the database file and it's content can be accessed when the device will be jailbreaked.</li> <li>Useful links <ul> <li>WWDC 2012 Protecting the User’s Data </li> <li>NSFileProtectionKey documentation </li> </ul> </li> </ul> </li> <li> Transformable Attributes <ul> <li>This option is sufficient for if you need to use multiple encryption keys or encrypt only certain attributes. Details here.</li> </ul> </li> <li> SQLCipher <ul> <li>If there’s a need to encrypt entire database’s file you can use <code>SQLCipher</code>. It’s an open source extension to <code>SQLite</code> that provides transparent 256-bit AES encryption.</li> <li>you should be warned about few things: <ul> <li>Slight drop in performance -- SQLCipher claims about 5-15% overhead in database I/O.</li> <li>Larger application size, if using SQLite -- you have to embed a copy of SQLCipher instead of using the system's built-in SQLite library.</li> <li>There’s can be a situation where you need to get an ERN (Encryption Registration approval from BIS)</li> </ul> </li> <li>To install SQLCipher you can read zeletetic’s official tutorial of just use a cocoapod <ul> <li><code>pod 'SQLCipher'</code></li> </ul> </li> <li>To encrypt existing database, you need to use <code>sqlcipher_export()</code>. Example </li> <li>SQLCipher and CoreData <ul> <li>CoreData doesn't work directly with SQLCipher, but you can use this project for that purpose</li> </ul> </li> </ul> </li> </ul>

How to encrypt/decrypt my CoreData(sqlite)? Can I use SQLCipher for it?

1 Answers

Implementing addition protection for users’ data is a really good idea especially when application have a deal with users’ finance information, secure notes, passwords, e.t.c. By default an data base is not encrypted. Its only form of protection is that it is sandboxed from other applications.

For this purpose you can use one of the following way:

Using NSFileProtectionKey
- This approach helps to to keep the data from being accessible if the user loses the phone.
- NSDictionary *storeOptions = @{ NSPersistentStoreFileProtectionKey : NSFileProtectionComplete };
- [coordinator addPersistentStoreWithType:NSSQLiteStoreType configuration:nil URL:[self storeURL] options:storeOptions error:&error])
- NSFileProtectionComplete - The file is stored in an encrypted format on disk and cannot be read from or written to while the device is locked or booting.
- If no passcode is set or an attacker can unlock the device by gaining physical access, the database file and it's content can be accessed when the device will be jailbreaked.
- Useful links
  - WWDC 2012 Protecting the User’s Data
  - NSFileProtectionKey documentation
Transformable Attributes
- This option is sufficient for if you need to use multiple encryption keys or encrypt only certain attributes. Details here.
SQLCipher
- If there’s a need to encrypt entire database’s file you can use SQLCipher. It’s an open source extension to SQLite that provides transparent 256-bit AES encryption.
- you should be warned about few things:
  - Slight drop in performance -- SQLCipher claims about 5-15% overhead in database I/O.
  - Larger application size, if using SQLite -- you have to embed a copy of SQLCipher instead of using the system's built-in SQLite library.
  - There’s can be a situation where you need to get an ERN (Encryption Registration approval from BIS)
- To install SQLCipher you can read zeletetic’s official tutorial of just use a cocoapod
  - pod 'SQLCipher'
- To encrypt existing database, you need to use sqlcipher_export(). Example
- SQLCipher and CoreData
  - CoreData doesn't work directly with SQLCipher, but you can use this project for that purpose

109

answered Sep 19 '22 09:09

Dimitri L.

Related questions
                            
                                PHAssetCollectionChangeRequest: addAssets() now accepts NSFastEnumeration. how to achieve this?
                            
                                Difference between .tdb and .dylib in iOS (Xcode 7)
                            
                                Unable to set background image for UICollectionView
                            
                                search Display Controller is Deprecated in iOS8
                            
                                Opening iOS deep links from within the Facebook web view stopped working
                            
                                "XXX-Swift.h" file not found in test project
                            
                                Navigation Controllers in UISplitViewController leave space for bottom bar
                            
                                Alternative for Twitter.sharedInstance().session()?.userName after deprecation on iOS Swift
                            
                                Capturing volume levels with AVCaptureAudioDataOutputSampleBufferDelegate in swift
                            
                                Extract email from CNContactProperty - iOS 9
                            
                                Looping AVPlayer seamlessly
                            
                                Detect when an iOS 3D Touch peek has finished (without a pop)
                            
                                What is the difference between setHighlighted and setSelected in UITableViewCell in iOS?
                            
                                Creating a plist file programmatically without copying a plist from my main bundle
                            
                                Cannot access custom view during UI Testing in XCode
                            
                                Check whether device is connected to a VPN
                            
                                How to make UICollectionView auto scroll using NSTimer?
                            
                                Today Widget Not Showing on Device
                            
                                Core data query value "is not nil" is not returning object with value equal 0
                            
                                No '+=' candidates produce the expected contextual result type 'Int' [duplicate]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With

How to encrypt/decrypt my CoreData(sqlite)? Can I use SQLCipher for it?

Tags:

sqlite

ios

encryption

core-data

sqlcipher

Dimitri L.

People also ask

1 Answers

Dimitri L.

Recent Activity

Donate For Us