Secure keys in iOS App scenario, is it safe?

by

Let me try to break down your question to multiple subquestions/assumption:

Assumptions:

a) Keychain is safe place

Actually, it’s not that safe. If your application is installed on jailbroked device, a hacker will be able to get your keys from the keychain

Questions:

a) Is there a way to put some key into an app (binary which is delivered form AppStore) and be completely secure?

Short answer is NO. As soon as there is something in your binary, it could be reverse engineered.

b) Will obfuscation help?

Yes. It will increase time for a hacker to figure it out. If the keys which you have in app will “cost” less than a time spend on reverse engineering – generally speaking, you are good.

However, in most cases, security through obscurity is bad practice, It gives you a feeling that you are secure, but you aren’t.

So, this could be one of security measures, but you need to have other security measures in place too.

c) What should I do in such case?*

It’s hard to give you a good solution without knowing background what you are trying to do.

As example, why everybody should have access to the same Amazon S3? Do they need to read-only or write (as pointed out by Kendall Helmstetter Gein).

I believe one of the most secure scenarios would be something like that:

  • Your application should be passcode protected
  • First time you enter your application it requests a user to authenticate (enter his username, password) to the server
  • This authenticates against your server or other authentication provider (e.g. Google)
  • The server sends some authentication token to a device (quite often it’s some type of cookie).
  • You encrypt this token based on hash of your application passcode and save it in keychain in this form
  • And now you can do one of two things:
    • hand over specific keys from the server to the client (so each client will have their own keys) and encrypt them with the hash of your application passcode
    • handle all operation with S3 on the server (and require client to send)

This way your protect from multiple possible attacks.

c) Whoooa…. I don’t plan to implement all of this stuff which you just wrote, because it will take me months. Is there anything simpler?

I think it would be useful, if you have one set of keys per client.

If even this is too much then download encrypted keys from the server and save them in encrypted form on the device and have decryption key hardcoded into your app. I would say it’s minimally invasive and at least your binary doesn’t have keys in it.

P.S. Both Kendall and Rob are right.

Update 1 (based on new info)

First of all, have you seen in app purchase programming guide.

There is very good drawing under Server Product Model. This model protects against somebody who didn’t buy new levels. There will be no amazon keys embedded in your application and your server side will hand over levels when it will receive receipt of purchase.

There is no perfect solution to protect against somebody who purchased the content (and decided to rip it off from your application), because at the end of days your application will have the content downloaded to a device and will need it in plain (unencrypted form) at some point of time.

If you are really concerned about this case, I would recommend to encrypt all your assets and hand over it in encrypted form from the server together with encryption key. Encryption key should be generated per client and asset should be encrypted using it.

This won’t stop any advanced hacker, but at least it will protect from somebody using iExplorer and just copying files (since they will be encrypted).

Update 2

One more thing regarding update 1. You should store files unencrypted and store encryption key somewhere (e.g. in keychain).

In case your game requires internet connection, the best idea is to not store encryption key on the device at all. You can get it from the server each time when your app is started.

More Related Contents:

  1. In iOS, how can I store a secret “key” that will allow me to communicate with my server?
  2. Best practices for Storyboard login screen, handling clearing of data upon logout
  3. Enumerate all Keychain items in my iOS application
  4. Auto Login Dropbox account on Core Api without Login Prompt
  5. What’s a redirect URI? how does it apply to iOS app for OAuth2.0?
  6. Save and Load from KeyChain | Swift [duplicate]
  7. How to authenticate the GKLocalPlayer on my ‘third party server’?
  8. Using LDAP for authentication in iOS
  9. +entityForName: nil is not a legal NSManagedObjectContext parameter searching for entity name ‘Account”
  10. Best practices for server-side handling of JWT tokens [closed]
  11. Uniquely identifying an iOS user
  12. How to filter date array in swift [closed]
  13. How to save local data in a Swift app?
  14. How can I convert a String to an MD5 hash in iOS using Swift?
  15. How do I create a round cornered UILabel on the iPhone?
  16. AutoLayout: removeFromSuperview / removeConstraints throws exception and crashes hard
  17. iframe size with CSS on iOS
  18. How do I fix the xcrun unable to find simctl error?
  19. Get pixel data as array from UIImage/CGImage in swift
  20. How to use a custom font with dynamic text sizes in iOS7
  21. How to do stateless (session-less) & cookie-less authentication?
  22. Launch Image not showing up in iOS application (using Images.xcassets)
  23. How to get navigation based template functionality in Swift programming
  24. How to customize the navigation back symbol and navigation back text?
  25. Is there an iPhone SE simulator for Xcode 11, iOS 13?
  26. Is it possible to disable the network in iOS Simulator?
  27. Attempting to load the view of a view controller while it is deallocating… UISearchController
  28. How to batch request with AFNetworking 2?
  29. create movie from [UIImage], Swift
  30. UITableView Checkmarks disappear when scrolling

Leave a Comment