For quite a while I’ve been trying to figure out the whole truth about hardware encryption, data protection and keychain protection on iOS4 in combination with iPhone 3GS, iPhone 4 or iPad.
Starting with iPhone 3GS a hardware encryption chip is build into the device. Great! But what does it mean to me as a developer? How can I make use of all of this encrypting and masquerading?
First off, one needs to understand how all the encryption business works on iOS devices.
Best thing to do is to watch Episode 209: “Securing Application Data” from Apple’s WWDC 2010 conference (http://developer.apple.com/videos/wwdc/2010/) – note that you have to be a registered iOS developer to access the videos.
Next, navigate to http://anthonyvance.com/blog/forensics/ios4_data_protection/ and read the infos there.
Then understand the iOS devices’ different folders by going through this document
Now you’re set.
For me a few questions remained unanswered even after watching the video and reading dozens of articles on the web. I will try to answer them now as good as I can using my findings:
- The keychain allows defining a class “available when unlocked, this device only” which prevents a keychain record from getting transferred to another device using backup/restore. To my understanding there is nothing similar for files, or is there? How can I prevent FILE data being restored on another device?
- NSData allows storing files with protection and NSFileManager allows changing the security class of an existing file. I wonder if there are any disadvantages if I first store the file unencrypted and the use NSFileManager to change the class?
- If the user does not specify a PIN or passcode, there does not seem to be real protection. Does that mean, data is encrypted using the device key only, as introduced with the 3GS?
- If I change my PIN, what has to be re-encrypted by the OS? All of the encrypted files?
- Is there evidence that a PIN/or password protected device’s content which was protected using the “protect always” has been successfully hacked?
- My device contains files which are stored in encrypted format. If now I make a backupof my device in iTunes and do not select to encrypt and password protect that backup, are my backed up files still which were encrypted on the device still secure?