0

I need to store a large number of different kind of confidential data in my project. The data can be represented as encoded NSStrings. I rather like to initialize this in code than read from a file, since that is more secure.

So I would need about 100k lines like this:

[myData addObject: @"String"];

or like this

myData[n++] = @"String";

Putting these lines in Xcode causes compile time to increase extensively up to several hours (by the way in Eclipse it takes a fraction of a second to compile 100k lines like this)

What would be feasible secure alternatives?

(please do not suggest reading from a file since this makes the data much easier to crack)

user387184
  • 10,953
  • 12
  • 77
  • 147

2 Answers2

3

Strings in your code can be readily dumped with tools like strings.

Anyway, if you want to incorporate a data file directly into the executable, you can do that with the -sectcreate linker option. Add something like -Wl,-sectcreate,MYSEG,MYSECT,path to the Other Linker Commands build setting. In your code, you can use getsectdata() to access that data section.

However, you must not consider any of the data that you actually deliver to the end user, whether in code or resource files, as "confidential". It isn't and can never be.

Ken Thomases
  • 88,520
  • 7
  • 116
  • 154
  • 1
    +1 As you suggest, every technique that makes an encrypted file crackable will equivalently make the embedded data equally crackable. Since there is little practical improvement in security, you should select the easier one to implement and that causes the least trouble for your legitimate users. – Rob Napier Feb 10 '13 at 19:19
1

I would put the strings in a plist file and read it into an NSArray at run time. For security encrypt the file.

zaph
  • 111,848
  • 21
  • 189
  • 228
  • Thanks, I rather avoid putting the data in a file since one easily knows what to decrypt immediately - using arrays in the code makes this less obvious... – user387184 Feb 10 '13 at 13:27
  • How does knowing what to decrypt help an attacker if they do not know the key? – zaph Feb 10 '13 at 13:29
  • 1
    I would assume finding the just key in the code is much easier than decrypting the complete data encrypted in classes somewhere in code... – user387184 Feb 10 '13 at 13:32
  • Indeed, handling keys is the hard part. It is a lot easier to conceal a 16 or 32 bytes of non-ascii key. The key could be a computed value, say combining several integers with some math operations but this is not a secure solution as it relies on obscurity of the method. There are better ways to handle the key depending on your needs – zaph Feb 10 '13 at 13:43
  • There is no good reason to believe that finding the decryption key is any easier or harder than finding the data in the classes. In either case the attacker will just put a debugger on your program and let it decrypt the data for him. – Rob Napier Feb 10 '13 at 19:36
  • If I understand the debugger approach, then one needs a loop over all the entries - I do not have a loop like this in my code, only selected entries are decrypted when required. One would have to write a standalone decrypter - which again is easier if the data is in a file than in the app I think – user387184 Feb 10 '13 at 21:37