Where to store decrypted files?

Question

I am encrypting downloaded files and saving them locally in app's documents directory.

To read them you must decrypt those file and store some where temporarily.

My concerns are:

1.if I store them in doc directory for time they are being used, for that time window one can get those files using tools like iExplorer.

2.My idea is to store them in memory for the time they are being used and flush the vault after use. This option is good for small files but for large files say 50 MB or video of 100 MB, I am afraid that app will receive memory warning in result will terminate abruptly.

I want to know the best approach for doing this.

Answer 1

There is no perfect security storing local files in a safe way. If a person has full access to the device, he can always find a way to decrypt the files, as long as your application is able to decrypt it.

The only question is: How much effort is necessary to decrypt the files?

If your only concern is that a person may use iExplorer to copy and open these files, a simple local symmetric encryption will do the trick.

Just embed a random symmetric key in your application and encrypt the data block by block while you download it.

You can use the comfortable "Security Transforms" framework to do the symmetric encryption. There are some good examples in the Apple Documentation.

When you load the files, you can use the same key to decrypt them while you load them from the file system.

Just to make things clear: This is not a perfect protection of the files. But to decrypt the files, one has access to your app binary. Analyse this binary in a debugger and searching for the decryption part to extract your symmetric key. This is a lot effort necessary just to decrypt the files.