Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Implementing and Testing iOS data protection

Just saw the Session 209 - Securing Application Data from de 2010 WWDC.

The keynote explains a lot of things, including the way you can set data protection attributes to your files (NSFileProtectionComplete, NSFileProtectionNone) and how to decide which protection is best for your case.

I just implemented it, but can't figure out how to test if the security is on, any ideas?

In addition, I have a sql lite database that needs to be accessed in background from time to time, and this method of data protection seems to be not good enough.. any link or tutorial that guide me through the best db protection? (found sql cipher but is kinda heavy to add in a evoluted project)

Thanks!

like image 943
Omer Avatar asked Mar 01 '11 14:03

Omer


People also ask

What is Data Protection iOS?

Data protection is an iOS feature that you use to secure your app's files and prevent unauthorized access to them. Data protection is enabled automatically when the user sets an active passcode for the device. You read and write your files normally, but the system encrypts and decrypts your content behind the scenes.

How to store sensitive data iOS?

If you need to store sensitive data, use Keychain Services. Unlike UserDefaults, the data stored in the keychain is automatically encrypted. With the keychain, you don't need to save encryption keys. Every application has its own isolated keychain section that other applications can't access.

How secure is iOS files?

Fortunately, iOS offers secure storage APIs, which allow developers to use the cryptographic hardware available on every iOS device. If these APIs are used correctly, sensitive data and files can be secured via hardware-backed 256-bit AES encryption.


2 Answers

Update: With iOS 6 it's supposedly possible to require data protection for your application by using an entitlement that needs to be configured on the App ID in the iOS provisioning profile. I haven't tested this yet, and this is the best information I could find on it https://devforums.apple.com/message/707939#707939


My investigations into this matter lead me to believe that it is very difficult to determine if data protection is enabled on a device.

File protection is enabled by setting the NSFileProtectionKey file attribute to NSFileProtectionComplete

For example, to create a protected file you could run code like:

[[NSFileManager defaultManager] createFileAtPath:[self filePath]                                         contents:[@"super secret file contents" dataUsingEncoding:NSUTF8StringEncoding]                                       attributes:[NSDictionary dictionaryWithObject:NSFileProtectionComplete                                                                              forKey:NSFileProtectionKey]]; 

Unfortunately this code will execute without error even if Data Protection is not enabled on the device (or if the code is run on the Simulator where Data Protection is not available).

Worse, the NSFileProtectionComplete attribute will be be set regardless of whether the file is protected or not. The following:

self.fileProtectionValue = [[[NSFileManager defaultManager] attributesOfItemAtPath:[self filePath]                                                                              error:NULL] valueForKey:NSFileProtectionKey];  NSLog(@"file protection value: %@", self.fileProtectionValue); 

will spit out file protection value: NSFileProtectionComplete no matter whether Data Protection is enabled or not.

There are two methods that I've been able to use to discover if File Protection is working as expected. Unfortunately neither of these methods are suitable for detecting if Data Protection is enabled on a device in the field.

Both methods work on the idea that a protected file can not be read if the device is locked.

Method one involves using a timer to attempt to read the file after the device is locked, but while your application continues to run:

[self performSelector:@selector(doReload) withObject:nil afterDelay:20];  - (void)doReload {      NSLog(@"protected data available: %@",[[UIApplication sharedApplication] isProtectedDataAvailable] ? @"yes" : @"no");      NSError *error;      self.fileContents = [NSString stringWithContentsOfFile:[self filePath]                                               encoding:NSUTF8StringEncoding                                                  error:&error];      NSLog(@"file contents: %@\nerror: %@", self.fileContents, error); } 

If you run the above code and lock a data protected device it will spit out:

protected data available: no file contents: (null) error: Error Domain=NSCocoaErrorDomain Code=257 "The operation couldn’t be completed. (Cocoa error 257.)" UserInfo=0x16e110 {NSFilePath=/var/mobile/Applications/D71F1F1F-6C25-4848-BB1F-51539B47EC79/Documents/protected_file, NSUnderlyingError=0x16e010 "The operation couldn’t be completed. Operation not permitted"} 

The 20 second delay is necessary because there is a 10 second or so grace period where protected data is still available after a Data Protection enabled device is locked.

The second method is to create a protected file in an application, exit the application, lock the device, wait 10 seconds, and then use the XCode organizer to download the contents of the application. This will produce an error message and the protected file will be empty.

If either of the above tests fail to behave as described then Data Protection is either not enable, or your File Protection code was not implemented correctly.

Because I've not found any way to verify within the application that Data Protection is enabled before I write confidential information to disk, I've filed a feature enhancement request with Apple to be able to mark an application as requiring Data Protection to be enabled. (rdar://10167256)

Apple does offer a solution to this through their Mobile Device Management (MDM) APIs, which combined with a third party server can be used to enforce policies that require Data Protection to be enabled on devices.

like image 192
Josh Vickery Avatar answered Sep 17 '22 18:09

Josh Vickery


You can use the iExplorer app to detect if your files are encrypted. iExplorer lets you browse the filesystem of your iPhone/iPad, and open the file (of course your device must be plugged into your Mac).

When the device is locked, the files can't be read correctly.

like image 28
XGouchet Avatar answered Sep 18 '22 18:09

XGouchet