Sqlite database encryption in iOS - ios

In my iOS app I encrypted database using SQLCipher. But after encrypting database the performance of the app is degrade. So I want to ask that, is there any other way to encrypt database. Can I use file encryption for this using NSFileProtectionComplete.
OR
There is any other way to encrypt database which does't compromise with the performance of app.
Thank you.

Related

iOS Banking AES-128 End to End Encryption Implementation

I'm creating a banking application for iOS that is transferring sensitive encrypted data from an azure mobile backend to an iOS device. What is the best way to go about decrypting this data on an iOS device securely? What protocols should be used? What third party libraries / services? Are there standards for financial applications that I should be aware of?
I've heard things thrown around such as EKS encryption with SQL, SSL, RSA / Diffie Hellman encryption, AES-128 being a standard practice etc etc. Is there anything practical to implement without delving into low level C code?
SSL works for data in transit, Pin the certificate.
AES128 is fine for data at rest but the key must be good and secured.
On iOS put the key Keychain, there is no more secure method.
If you need to store a key on a server that is more of a problem keeping it secure.
Finally at a minimum use two factor authentication on the server.
My solution ended up being to use AESCrypt (github: https://github.com/Gurpartap/AESCrypt-ObjC)
This proved to be as simple as dragging the class files into XCode and calling
[AESCrypt encrypt:secret password:password];
[AESCrypt decrypt:secret password:password];
Thanks for the help! I will probably end up implementing some sort of CocoaPods supported platform later on, but this will work for now.

Storage for iOS development

I have db which is kept in Core Data and I need to download full data from some storage. I don't want to write web server for this. Is there any way to store my full data for further downloading? Can I use iCloud for this? Or anything else? Thank you
iCloud is connected to you personal Apple ID, so it would not be possible (or at least not its intended use) to allow others to download data from your iCloud account.
Have a look at Parse or Azure. One of them might be the solution you are looking for.

Need to encrypt Core Data

I am making an iOS application where all data stored in Core Data needs to be encrypted when the app is not in use. I understand that newer iOS devices (and devices running iOS 4 +) have access to hardware encryption and special protection APIs, but to my understanding, these only apply when the device is locked. There is no guarantee that users of my app will have a password lock on their devices, yet I still need to encrypt.
Also, I would prefer not to encrypt every individual core data attribute by using transformable attributes, and I understand this makes querying much more difficult. Preferably, I would like to do something like encrypt the core data file on app-close, and un-encrypt it on app-open (I know this might be slower).
Any solutions?

Does Adobe AIR Encrypted SQLite Database access or use the encryption in Apple iOS?

We are submitting an update of our Adobe AIR created app to the Apple App Store. We wish to change our encryption status.
The app was created using AIR 3.7 and uses several Encrypted SQLite Databases and an SSL connection to our server. As a precaution we got the US BIS export notice when we first submitted the app, but during the submit process we received this notice from Apple:
French authorities have agreed to limit the regulatory approval requirements for Appleā€™s App Store apps that use, access, implement, or incorporate:
any encryption algorithm that is yet to be standardized by international standard bodies such as IEEE, IETF, ISO, ITU, ETSI, 3GPP, TIA, etc. or not otherwise published; or
standard (e.g., AES, DES, 3DES, RSA) encryption algorithm(s) instead of or in addition to accessing or using the encryption in Apple OS
Consistent with the requirement, Apple will require you to upload a copy of your approved French declaration when you submit your app to the App Store if it meets the criteria described above.
So we decided to not publish to the French app store for our first release.
We now would like to publish to France, but I am not sure if we can state that our encryption is not in addition to accessing or using the encryption in Apple OS . I have found documentation that Encrypted Local Store uses KeyChain, but not that Encrypted SQLite Database does, only that it uses AES encryption.
We do not want to apply for the French import decleration unless really necessary, as it seems like a terribly complex process, in French.
Does anyone know if Encrypted SQLite Database uses that encryption already there in iOS?
Quoting from Adobe's documentation, Considerations for using encryption with a database:
AIR database encryption uses the Advanced Encryption Standard (AES) with Counter with CBC-MAC (CCM) mode.
I can find no indication that it uses a platform-specific method on iOS.

What are the common practices to protect data on iPhone

The client is concerned about safety of the data application uses and stores locally on device (e.g. they want to prevent reading our data files even on jailbroken iPhones). So I wonder - what are the possible ways to ensure data safety on iPhone?
Edit:
I'm thinking about 2 ways of storing data - a bunch of xml files (maximum size - about 1MB) or sqlite database. I'm more inclined to the 2nd variant but still not sure
You might want to check out this article - Protecting resources in iPhone and iPad apps. It talks about a scheme to encrypt app resources at build time, which can then be decrypted when needed by your app. Decryption happens in-memory so unprotected temporary files are not left on the filesystem. You can even load encrypted HTML, PDF & images straight into a UIWebView.
For transparency's sake: I wrote that article and it is hosted on my own website.
Any time code is running on physical hardware that's out of your control, it is vulnerable - the iPhone must have the ability to decode the data for it to be usable, and if the iPhone has that ability, so does the user. If the data is valuable enough, someone will break your encryption.
The movie industry spent millions on their DVD DRM. It got cracked in a few weeks.
The commoncrypto library, available on the phone, supports symmetric encryption. You can store the key in the keychain, which is itself asymmetrically encrypted. The key to decrypt the keychain is baked into the hardware so you'd need to go to some lengths to retrieve the data.
(e.g. they want to prevent reading our data files even on jailbroken iPhones). you may use localytics mobile analytics(open source) to find out whether the application has been used in Jail broken iphone or not.. They have premium options also..Lot of mobile analytics are available.you can check..

Resources