12

I have an iMessage application that sends files. Data is saved in iCloud servers using CloudKit. Everything works well.

Now I want to add a new level of security. I want to encrypt the data before sending it to iCloud.

The problem is that using public/private key pairs is not possible:

  • In iMessage the extension can't identify users.
  • No real time session can be opened between conversation participants to exchange keys.

None of the options below are strong enough to make the data secure:

  • Use an encryption key hardcoded in the application.
  • Generate a random key, encrypt data with it and save it with the data in the iCloud servers, so it can be downloaded with the file to decrypt it.

iCloud may be secure but users' data could be personal/sensitive so I want to add a new security layer + it's a fun exercise for me.

Could anyone help to find the right encryption method?

rmaddy
Red Mak
  • You can ask the sender for a passphrase that you use to generate a key that you then use with a symmetric key algorithm; the problem is then how do you get the passphrase to the other party if you don't trust the channel. This is the problem that public/private key cryptography solves; this was considered an almost impossible task until RSA and James Ellis & Clifford Cocks from the British GCHQ (independently) found the solution. – Paulw11 Jan 23 '19 at 03:27
  • @Paulw11 this would be a solution if there actually were a channel between sender and receiver. But as explained, I can’t identify the receiver because iOS will not give the info. – Red Mak Jan 23 '19 at 13:12
  • You don't need to identify the receiver, you need some way of sharing the key with the receiver. Either you send the key over the only channel you have (but you don't trust this channel, so) you need the participants to exchange the key "out of band" – Paulw11 Jan 23 '19 at 13:51
  • @Paulw11 thanks for the answer, the problem is that there’s no channel between them, iMessage is just like enhanced SMS, so if I want to send the key I have to send a "real" message that the user will see. – Red Mak Jan 23 '19 at 17:11
  • Yes, that is what I am saying; you can't do this "in-band" purely from the sender if you don't trust the channel, which you don't because it is just an iMessage. The only way it can work is if the sender asks the receiver to send their public key first. Then the sender can use the public key to encrypt the file encryption key and send that to the receiver before finally encrypting the file with the encryption key and providing the file. – Paulw11 Jan 23 '19 at 19:06
  • @Paulw11 OK, this is what I thought from the beginning, one solution would be to use a master key to encrypt/decrypt, not an ideal solution but I see no other way... – Red Mak Jan 23 '19 at 19:31
  • Let us [continue this discussion in chat](https://chat.stackoverflow.com/rooms/187201/discussion-between-paulw11-and-red-mak). – Paulw11 Jan 23 '19 at 21:12
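
The exchange Paulw11 outlines in the comments above (the receiver sends a public key first, the sender wraps the file encryption key with it), as an added example that is not code from the post or its comments. It uses CryptoKit and substitutes X25519 key agreement plus HKDF and AES-GCM for direct public-key encryption of the file key; all type and function names are hypothetical, and delivery of the public key and wrapped key as messages and of the ciphertext through CloudKit is assumed, not shown.

```swift
import CryptoKit
import Foundation

// Added example: all names are hypothetical; message and CloudKit transport are not shown.
struct WrappedFileKey {
    let ephemeralPublicKey: Data  // sender's one-time X25519 public key
    let sealedKey: Data           // file key sealed with AES-GCM (nonce + ciphertext + tag)
}

// Derive the key-wrapping key, binding it to both public keys of this exchange.
func wrappingKey(_ secret: SharedSecret, ephemeral: Data, receiver: Data) -> SymmetricKey {
    let info = Data("file-key-wrap-v1".utf8) + ephemeral + receiver  // constructed label
    return secret.hkdfDerivedSymmetricKey(using: SHA256.self, salt: Data(),
                                          sharedInfo: info, outputByteCount: 32)
}

// Sender: encrypt the file under a fresh random key, then wrap that key for the receiver.
func encryptForReceiver(file: Data, receiverPublicKey: Data) throws
    -> (ciphertext: Data, wrapped: WrappedFileKey) {
    let fileKey = SymmetricKey(size: .bits256)
    // `combined` is non-nil when the default 12-byte nonce is used.
    let ciphertext = try AES.GCM.seal(file, using: fileKey).combined!
    let ephemeral = Curve25519.KeyAgreement.PrivateKey()
    let ephemeralPublic = ephemeral.publicKey.rawRepresentation
    let receiverKey = try Curve25519.KeyAgreement.PublicKey(rawRepresentation: receiverPublicKey)
    let secret = try ephemeral.sharedSecretFromKeyAgreement(with: receiverKey)
    let kek = wrappingKey(secret, ephemeral: ephemeralPublic, receiver: receiverPublicKey)
    let sealedKey = try AES.GCM.seal(fileKey.withUnsafeBytes { Data($0) }, using: kek).combined!
    return (ciphertext, WrappedFileKey(ephemeralPublicKey: ephemeralPublic, sealedKey: sealedKey))
}

// Receiver: redo the key agreement with the private key, unwrap the file key, open the file.
func decryptFile(ciphertext: Data, wrapped: WrappedFileKey,
                 receiverPrivateKey: Curve25519.KeyAgreement.PrivateKey) throws -> Data {
    let senderKey = try Curve25519.KeyAgreement.PublicKey(rawRepresentation: wrapped.ephemeralPublicKey)
    let secret = try receiverPrivateKey.sharedSecretFromKeyAgreement(with: senderKey)
    let kek = wrappingKey(secret, ephemeral: wrapped.ephemeralPublicKey,
                          receiver: receiverPrivateKey.publicKey.rawRepresentation)
    let rawFileKey = try AES.GCM.open(AES.GCM.SealedBox(combined: wrapped.sealedKey), using: kek)
    return try AES.GCM.open(AES.GCM.SealedBox(combined: ciphertext), using: SymmetricKey(data: rawFileKey))
}

// Round trip with constructed sample data.
let receiverPrivate = Curve25519.KeyAgreement.PrivateKey()        // stays on the receiver's device
let publicKeyToSend = receiverPrivate.publicKey.rawRepresentation // step 1: receiver -> sender
let file = Data("constructed sample file contents".utf8)
let sent = try encryptForReceiver(file: file, receiverPublicKey: publicKeyToSend)
let recovered = try decryptFile(ciphertext: sent.ciphertext, wrapped: sent.wrapped, receiverPrivateKey: receiverPrivate)
precondition(recovered == file, "round trip failed")
```

Only the public key, the wrapped key and the ciphertext leave a device in this flow. A public key that arrives over an unauthenticated channel can be substituted in transit, so the participants would still need to confirm it out of band.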

1 Answer

0

You could send the key in the URL of a custom MSMessage, along with the CloudKit address. The URL key and address can be encoded, base-64 format as a data URL so only your app knows how to decode.

That way at least someone needs to know how to decode your standard URLs before getting the encryption key.

Andy Dent