1

My program asks a user to create a 4-digit passcode (much like the unlock screen built into the iPhone). The program will store the passcode and test it against a passcode entered at a later date and will deny or give access to a tableview of documents. I also need to store the passcode in iCloud incase another device wants to use the same database of documents. I do not need to store username information.

I've been reading about using keychain but this seems like a bit of overkill for my purpose. I'm a beginner to security and have no clue on what to do and what NOT to do. Can anyone point me in the right direction for what documents or tutorials I could read that would be appropriate for my application? Thanks for the help.

UPDATE

note about using keychain in reply to the answers below:

If I was to use keychain I'm under the impression from the apple docs that I would not be able to nor should I store the passcode on iCloud. This presents an interesting problem because storing documents on iCloud is an essential behavior of my application as users need to access the same set of documents which are protected by a passcode across multiple devices. How do I approach this problem? Is there a known secure way to work around this or would I have to totally abandon the use of keychain all-together?

Joey J
  • 1,355
  • 10
  • 26

2 Answers2

2

Are you intending to do a simple string comparison as a pretend security measure or are you actually encrypting private data and just using a key that's intentionally weak?

Both approaches are valid but I assume your users expect the latter. (Would they be upset if someone read their data in plain text right out of the phone backup dumps?)

If you're actually encrypting their data with an intentionally weak key, then you definitely should use the internal keychain and probably use PBKDF2 to make a useful key based on the very short amount of secret data available to you. Any other approach is probably setting you up for embarrassing situations or outright hostile users. Let Apple manage as much as they can. (Do not store the key in iCloud.)

Note that using keychain and PBKDF2 will still leave your user's data open to pretty easy brute-force key guessing, but that must be expected with such short keys.

sarnold
  • 102,305
  • 22
  • 181
  • 238
  • Thank you for the info! I'm definitely looking to encrypt a private key. As I mentioned, I would like to mimic the behavior of the passcode entry feature available to iPhone/iPod touch users to unlock their device. Apple seemed to believe a 4-digit key was sufficient but maybe behind the scenes they added some extra protection. Anyway, as for not using iCloud - I agree - this could lead to a disaster. Please see my updated question about using keychain. – Joey J Feb 01 '12 at 02:55
  • I wouldn't be surprised if the 4-digit key slows down with further incorrect guesses or locks the phone completely after a certain number of incorrect guesses. Both those options are available to you too. – sarnold Feb 01 '12 at 02:57
  • Great suggestion - I would definitely lock the program for a minute or so after x incorrect guesses. The problem that is stumping me is the whole access to a group of documents across multiple devices, blah... – Joey J Feb 01 '12 at 02:59
  • For the updated Keychain question: that's outside my experience. Sorry. I'd expect that you could rely on PBKDF2 to regenerate the key on each device as the user wants access to the encrypted documents, but perhaps I've drastically misunderstood the keychain API. – sarnold Feb 01 '12 at 03:04
  • Thanks for the awesome info! I think I'll read about this more but you've definitely given me a start. -- As for the whole keychain and iCloud stuff I could very well be misinterpreting information. So you are probably correct. In either case, this is going to take some more research. Thanks again for the help! – Joey J Feb 01 '12 at 03:08
  • Thanks for the Accepted, but I think you should hold off for a while -- someone else might come along with a much better answer in a while if the question looks like it hasn't gotten a _good_ answer yet. (It happens. :) – sarnold Feb 01 '12 at 03:12
  • haha ok - I'll hold off but if no-one does I'll replace the accepted =) – Joey J Feb 01 '12 at 03:15
2

I think SHA1 is good for your purpose just remember to add some "salt" to your raw string I did it on iphone App Obj-C 2 years ago, should be straightforward this post may help Objective C: SHA1 :) hope it helps

Community
  • 1
  • 1
Ted Xu
  • 1,095
  • 1
  • 11
  • 20
  • thanks Ted - I'll look into this some more. I think this is a lot more complex of a problem than I originally anticipated. – Joey J Feb 01 '12 at 03:09