Re: file encryption/decryption iOS
- Subject: Re: file encryption/decryption iOS
- From: Dave Fernandes <email@hidden>
- Date: Wed, 28 Jun 2017 23:04:21 -0400
> On Jun 28, 2017, at 12:17 PM, Jens Alfke <email@hidden> wrote:
>
>
>> On Jun 28, 2017, at 6:33 AM, Sandor Szatmari <email@hidden>
>> wrote:
>>
>> I thought there were both local and iCloud Notes, no?
>
> Not sure what you’re asking, but: Anything saved to iCloud goes through
> end-to-end encryption, so there’s no way to read it on the iCloud servers
> without using keys stored on your device (derived from your iCloud password.)
> So again, it’s not necessary to add any extra encryption.
>
> —Jens
I didn’t realize this, and went to the iOS Security Guide to get more details,
but I am left more confused than when I started. The Security Guide has this to
say (CloudKit works the same way):
iCloud Drive
iCloud Drive adds account-based keys to protect documents stored in iCloud. As
with existing iCloud services, it chunks and encrypts file contents and stores
the encrypted chunks using third-party services. However, the file content keys
are wrapped by record keys stored with the iCloud Drive metadata. These record
keys are in turn protected by the user’s iCloud Drive service key, which is
then stored with the user’s iCloud account. Users get access to their iCloud
documents metadata by having authenticated with iCloud, but must also possess
the iCloud Drive service key to expose protected parts of iCloud Drive storage.
So everything is protected by the iCloud Drive service key, but what does
“which is then stored with the user’s iCloud account” mean? Is it stored on the
device or in iCloud? That makes all the difference.
- Dave
_______________________________________________
Cocoa-dev mailing list (email@hidden)