Re: Encrypting core data properties
Re: Encrypting core data properties
- Subject: Re: Encrypting core data properties
- From: Stefano Furiosi <email@hidden>
- Date: Sun, 19 Jun 2005 11:27:22 +0200
Il giorno 19/giu/05, alle ore 09:09, J. Atwood ha scritto:
I'm trying to come up with a scheme to encrypt sensitive properties
for one of my entities. I found a nice package for carrying out the
actual encryption (SSCrypto.framework), but I'm unsure as to when I
should perform the encryption/decryption, as I'm using core data w/
cocoa bindings.
For instance, one of the properties of a customer entity might be
credit card number. I want the user to be able to enter the credit
card number into a text field normally, but I want core data to run
the string through my encryption method before storing it in the
application's data file. Similarly, I want the encrypted string to
be decrypted before it is shown in its text box (when the
appropriate instance of its customer is selected).
(In the future, I might build a condition into the encrypt/decrypt
methods that prompts for a password.)
How should I do this? I tried using a custom transformer, but I'm
having trouble getting in to work correctly. Is there a better way?
How do other people protect sensitive data within their applications?
Hi,
I have just posted a similar question, this is the reply from mmalc
that really helped me:
From mmalc reply:
-----------
(a) Create custom classes for your entities and implement -willSave
and -didSave. In willSave, encrypt the attributes; in didSave,
restore them. You will also have to unencrypt values in
awakeFromFetch. The disadvantage here is that each value is
encrypted individually, so that an attacker has a lot more data to
work with.
(b) Create custom classes for your entities and make your attributes
transient. Add a 'data' attribute that serves as the backing store
for all your attributes. In willSave, collect all the attribute
values into a single value (likely NSData) and encrypt that. You
will again have to unencrypt and reconstitute values in
awakeFromFetch. This has the minor advantage that with all your data
grouped into a single value, it probably presents a harder target.
(c) Use an in-memory store and your own custom file format. In this
case it may be easier to use NSDocument instead of
NSPersistentDocument, and to create the persistence stack yourself.
When you read a file, you will have to unencrypt it, recreate the
managed objects, and insert them into the context etc. When you
save, you will have to retrieve all the managed objects from the
store, create and encrypt an archive of those objects, and write them
to a file (in this case you may be able to leverage dataOfType:error:
etc.)
mmalc
------------
For me the method (b) was the better.
Some more clue:
You have to use "setPrimitiveValue" instead of "setValue: forKey:"
inside the "willSave" and "awakeFromFetch" methods.
SSCrypto it's a good solution but be shure to read some information
around about Cryptation methods and security flow implementation.
Take a look at the blowfish algorithm and other cryptation methods.
You can also use OpenSSL directly if you want.
Some usefull links:
http://www.schneier.com/blowfish.html
http://www.schneier.com/paper-blowfish-oneyear.html
http://lists.virus.org/secprog-0211/msg00008.html
http://www.faqs.org/docs/gazette/encryption.html
Remember that the better way to protect your sensitive data is not to
implement your algorithm based on a fixed internal key, but probably
use a Private/Public Key flow, like "blowfish", and let the user
enter a custom password.
Hope this cam help,
Stefano.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden