Using Swift's .hash for password storing/checking - ios

EDIT
I've been doing more research on this topic and the answers down below have been VERY helpful! But I also just wanted to add this to anyone who might come across this page who, like me, is still struggling to understand how to install authentication into your app. (Of course, OAuth and Local authentication are very good routes, but if for some reason you can't do that, take a look at the link:)
https://security.stackexchange.com/questions/8596/https-security-should-password-be-hashed-server-side-or-client-side
My original question is below
I'm VERY new to the app security part of iOS development. I have an app that should be password locked and I wanted to see the best way to secure it. So here's what I was thinking:
the user creates (or is provided with) a password
let password = "password"
I use the .hash of that password to store it in a server
When and if the user needs to sign back in, they type in the password, and the app pulls down the hash number from the server and checks it against the .hash of what they just typed in
let passwordString = textbook.text
if passwordString.hash == hashPulledFromServer {
//log in
} else {
//failed
}
Is this the best way to do this? I've read that hashValue doesn't always produce the same value which of course wouldn't make it possible for this sense. But is this a secure way to transfer data to a server and use it to check on a password at a later date?

It is too difficult to give a detailed answer to your question. Information Security is an enormous subject.
Wherever possible you should rely on existing solutions and implementations. E.g. can you use OAuth or OpenID so that your app never needs to deal with passwords? Can you use the local authentication framework if you just want to secure local access to the app?
The short answer to your question "Can you use .hash?" is NO
.hash is used to create a hash for an object that can be used to aid lookup in collections like dictionaries and sets.
It is computationally simple so that it can be calculated quickly. It does not go to any lengths to prevent hash collisions (two different objects hashing to the same value). It has these characteristics because it is expected that the function will be used a lot (each access to a dictionary for example) and collisions don't really matter; in-memory collections are quite small and collisions can be handled easily.
This is the opposite of what you want in a cryptographic password hash, such as scrypt:
you want the hash function to be relatively slow and computationally expensive to slow brute force attacks; passwords are not hashed/checked very often so this doesn't matter in the normal course of things
You don't want collisions; a collision will result in an incorrect password being accepted as correct

Related

Encryption key: Can I use obfuscation?

I am building an iOS app for someone. The app will be used to take mock exams on for a professional license. The question data is stored in Core Data but the question and answers strings need to be encrypted as the client spent a lot of time writing them and doesn't want someone else stealing his work to use in a competing product.
So what I want to do is set the attributes in core data to transformable, use a custom NSValueTransformer to transform the strings to NSData and while they are being transformed use RNEncrypt to encrypt and decrypt.
So far so good.
Here is my predicament: I need to use a key to encrypt and decrypt the data but how do I get/create it?
My options:
hardcode it == bad!
generate key and store in keychain == not the right type of security. i.e.. does not protect against owner of the device.
generate key from user password == no other reason for the user to have to login.
the app connects to a server and gets a key with some authentication stuff(I don't know what is involved exactly) == I don't want to rely on a network connection for the app to work.
obfuscation, I feel like if I create a string from bits of other strings and method sigs and then hash it then that will be enough == It probably won't be.
My questions then are these:
- Obfuscation, can it be enough, has anyone else had success with it?
- From my research I've learnt that a hacker with an ipa can see all the hardcoded strings, class names and method sigs but they can't see the code inside the methods (is that correct?), so how could someone read the key if it was built up/generated inside a method?
- As the title, Can I use Obfuscation?
- Are there any options I have missed?
For the record, if I have to then I'll make people register and login.
You cannot store data locally securely. As soon as you are able to decrypt it an attacker can as well. That goes for EVERY encryption technique. No matter what you try.
You have to store the data or a different decryption key for each data point on a server and retrieve it one by one every time. You additionally have to make sure that the user does not just send 100s of requests and retrieves all data by hand.
Note that storing just one key on a server will result in the exact same thing as writing it hardcoded in the app. And not limiting the requests will just cause the attacker to need a little more time than just looking at an already decrypted local db.
Of course you can obfuscate it to make it seem like it has some good encryption behind it - but if someone WANTS to get the data, he will be able to.
Regarding the code in an ipa: you will not be able to see the original code but you will be able to see some code that produces the same output as the original code. As long as the device can produce the valid key, an attacker can as well.
I do not know if there is a huge community out there that is looking through random apps to steal some of its internal questions / answers / data, I doubt it.
You just have to make the product sooooo good that no competing product with the same data has any chance against it. The data itself can always be "stolen".

Encrypt data for multiple user access

we have an application, where any registered user can create his own company and grant access for this company to any registered user.
Each company is represented by Postgresql's schema.
Is there a way to en/decrypt users data in schemas without using static key for en/decrypt stored in applications source code? Every user, who was added to company has to have access to company's data.
Thanks for answer
This is a question on which books could be written. So keep in mind it is a hard problem and you have to take a very complex, long-term approach to these problems. In essence, no you need a static key, and you don't want to store that unencrypted. You have several important questions you have to look at:
Key management and rotation. You will probably need the static key to be encrypted per user with public key encryption, and make sure they don't leave their private keys around unprotected!
Accidental key disclosure. So the data on the Pg side is now encrypted. How might someone get the key? In short you can't log queries routinely, you may want to set the error level to FATAL in the log, etc. PostgreSQL doesn't make this easy to prevent.
Accidental plaintext disclosure. This can happen through, say, creating an index of the decrypted data for performance reasons..... Also connection eavesdropping and much more needs to be looked at.

How would you implement anonymous authentication?

I'm building a web-based app centered around security, privacy, and anonymity. One of the key principals of the app is that users can store sensitive data anonymously.
As a result, I expect to outsource system authentication entirely, preferably using OAuth or OpenID.
Is this even possible? I'd like to avoid storing email addresses or any other kind of user-identifying information on my side.
A friend of mine was working on this a few years ago. His idea was to hash an email address and a thumb or fingerprint into a unique image (biometric data is just a stream of bits, and in theory a fairly unique one compared to a human-input password like "123456").
That image could then be stored on that person's devices using their own password or bitlocker, or even printed out and locked away physically. The image would be the key when shown to a webcam or uploaded, sort of a reversal of QR codes.
Of course, the image-creation would be the potential tracking point. But if that was done entirely in memory or with a free and widely-distributed key generation tool then you would probably have some legal-protection from being compelled to reveal original users' data or identities.
(this all glosses over the need for wide use of biometric scanners and secure connections all around)
Edit:
Biometric data streams are slightly different each time they're taken. There is no "password recovery" if you hash a stream like this as-is, it will likely never be the same. Most dimensionality-reduction would make it far less secure, and might still leave a chance that it couldn't be reproduced.
To begin with, OAuth is a completely different thing, separate from your project's scope.
I guess it depends on your definition of "anonymous". If you use OpenID, you would be saving your users' OpenID URLs. In other words, your system would be precisely as anonymous as your users' OpenIDs.
A more intrinsically anonymous solution might be to simply let your users enter an arbitrary string to identify themselves. Returning users would simply type in that same string again. If you want to display a user's "identity", you could run that string through a hash function. No registration required (and not unlike 4chan's secure tripcodes).

Safe way to retrieve secret keys

I'm working on an app that has a red button. What that means is that every client account has two (secret) keys that are automatically generated. When someone enters those keys on a special (public) page, a certain process will be set in motion. The process is not critical, but
That's all taken care of, the keys are automatically generated on user account creation, stored encryped in the database and are shown to the user once so he can distribute the keys as he sees fit. He can of course reset the keys if he wants to.
The thing is, some clients keep forgetting the keys. Our solution is to reset the keys and redistribute the new keys, but for some clients that's just not practical. I'd like to offer the option of retrieving the keys without resetting them.
My idea was to be able to decrypt the keys using the user's password, meaning that the already logged in user would have to enter his password again, which was used to encrypt the keys and is now used to decrypt them. I'm just not sure how that would technically work (is there an encryption/decryption algorithm that I could use?) and whether there's anything I should consider before employing such a technique.
Does anyone have any ideas on this? Maybe even a better suggestion?
You want to check out ciphers like AES.
I'd check out this gisthub example on how to use Ruby and AES for encryption and decryption.

How to secure user data in the database with Rails?

I am creating a rails application that needs to store a large amount of sensitive data. To assure my customers that the data is being protected, I want to encrypt it on a per-user basis. I have done research looking for gems that can accomplish this. So far I've found strongbox and safe. Together, this would seem to provide a solution for me.
However, I am wondering if this is a common practice. It would seem that most rails applications have some sensitive data to store regarding their users. AuthLogic is handling my password encryption, but emails and other personal data are just as sensitive. Is it common practice to leave these items unencrypted in the database and assume that it will never be compromised? I understand that the database resides in an area that can not communicate with the outside world, but a determined attacker could easily compromise this. Is it common practice for Rails developers leave their data unencrypted and simply trust the security of their web server?
The problem with encrypting your database is that anything you encrypt cannot be used in a SQL query, and also, it still has to be decrypted before it can be used. This means that you need to place the decryption key in close proximity to the database, and in most cases, if someone can compromise your database, that means they have also compromised your decryption key at the same time. Thus the encryption step has bought you very little. With passwords, no decryption is necessary because it's actually a hash function. You're far better off making sure the database is never compromised in the first place.
Always assume that if a hacker can compromise any portion of your security, they can compromise all of it. Chain is only as strong as its weakest link and all that.
Credit card numbers and social security numbers (which fortunately you don't usually need to index on) are probably the most obvious exception to this, but if you have to ask this question, you've got no business storing those items in the first place. There's all kinds of legal trouble you can get into for messing that stuff up.
Credit card number, SSNs, etc should always be stored encrypted.
Passwords should always be stored encrypted, using a one-way hash. This means that when the user supplies a password, you can determine if it matches what you stored in the DB, but given only the encrypted representation in the DB, you cannot from that determine their password, short of brute force/dictionary attacks.
I find that in my app's, I like to add unencrypted_**** readers and writers to my class, to make dealing with the encrypted representation painless.
class User
# has db column encrypted_cc_number
def unencrypted_cc_number
WhateverEncryptionClassYouUse.decrypt(encrypted_cc_number)
end
def unencrypted_cc_number=(val)
self.encrypted_cc_number = WhateverEncryptionClassYouUse.encrypt(val)
end
end
Using layered security mechanisms and strong cryptography is good practice if you are storing a large amount of sensitive data. It is required by the Payment Card Industry’s Data Security Standard (PCI DSS). I suggest that you read the following guideline document: https://www.pcisecuritystandards.org/pdfs/pci_fs_data_storage.pdf.
You should definitely not "assume that it will never be compromised"

Resources