0

How can I encrypt file in the iOS app's bundle to prevent data from copy? I can suggest to encode/decode it by simple rules. But it will take too much time to encode on every app start and it's not safe enough.

P.S. We should not cause export restrictions. So encrypting algorithm must be not strong.

Dmitry
  • 14,306
  • 23
  • 105
  • 189
  • Example of using Common Crypto in Swift 2: http://stackoverflow.com/questions/25754147/issue-using-cccrypt-commoncrypt-in-swift?lq=1 or http://stackoverflow.com/questions/25776238/issue-decrypting-with-commoncrypto-in-swift?lq=1 – Dmitry Aug 20 '15 at 17:48

2 Answers2

1

The App Bundle can not be changed by the app so that option is not available.

If it is something that is included at build time you can encrypt it prior to building the app and decode it in the app when you need it.

The problem is that the encryption key must be provided to the app in some manner. Just including the key in the app code is not secure but may meet your needs. Providing the key from a web site with authentication might work for your needs.

You need to evaluate the level of security you require, who you are protecting against and how much effort/money they are willing to expend to get your data.

Note: encryption with Common Crypto is very fast. On an iPhone6 I benchmarked the speed as 1MB in 10.8 mSec or 92MB/sec.

zaph
  • 111,848
  • 21
  • 189
  • 228
  • Thanks. But Common Crypto causes export restrictions. Is there any other way? May be some fast encode method. But not related to codepages or base64. – Dmitry Aug 20 '15 at 17:29
  • All encryption triggers export restrictions including using https in an app. Encoding is just obfuscation but that may meet your needs. – zaph Aug 20 '15 at 17:31
  • Apple approves applications with https in the embedded browser without any information from developer about encryption in the app. – Dmitry Aug 20 '15 at 17:33
  • 1
    You might try another encoding such as Base58 for obfuscation. – zaph Aug 20 '15 at 17:34
  • What real limitations will be with Common Crypto for the app in the App Store? – Dmitry Aug 20 '15 at 17:34
  • Yes, Apple approves apps with https and also with Common Crypto. It is not an Apple issue directly but U.S. export restrictions enforced by BIS (Bureau of Industry and Security). Is that stupid, probably, do developers misunderstand, also probable but that does not change the U.S. encryption export laws. – zaph Aug 20 '15 at 17:35
  • 1
    You will need to apply for am export exception which I understand it just filling out an online form. – zaph Aug 20 '15 at 17:37
  • But I can't understand what should I do in the iTunes Connect if I use Common Crypto? What will happen if I report that the application uses encryption? – Dmitry Aug 20 '15 at 17:38
  • Why does it come under exception? – Dmitry Aug 20 '15 at 17:40
  • It is best to google that or try it, I don't klnow that aspect of iTunes connect currently. – zaph Aug 20 '15 at 17:40
  • There are certain levels of encryption and certain encryption algorithms which are allowed. Here are some BIS links: [Encryption FAQs](https://www.bis.doc.gov/index.php/policy-guidance/encryption/encryption-faqs), [Identifying Encryption Items](https://www.bis.doc.gov/index.php/policy-guidance/encryption/identifying-encryption-items). LInk to a PDF download [Flowchart](https://www.bis.doc.gov/index.php/forms-documents/doc_download/327-flowchart-1) graphically describes the process used to determine whether an item is classified under Category 5, Part 2 of the Commerce Control List in the EAR. – zaph Aug 20 '15 at 17:52
-1

Just use double encoding if data isn't too sensitive. For example, utf8 + base64 with several char replacements to hide that it's base64.

Dmitry
  • 14,306
  • 23
  • 105
  • 189