16

Is there a straightforward way to share private data between two or more users using CloudKit?

Public and private data are obvious, but there doesn't seem to be a way to allow a group of users to organize their own silo to share data amongst themselves without making it available to all the other users of the system and to the app developer.

I have an academic collaboration app in mind but the simplest example would be private messaging between two users.

I guess one could try to build a public key encryption system on top of CloudKit to achieve that, but that's not what I'm looking for and would scale poorly beyond two users per group.

hashemi
  • Public Key (asymmetric encryption) does scale well, only one key is needed per user. There is a central point to obtain the public key of each user on demand. Symmetric key encryption does not scale because it requires a key per potential connection, that is every user would have a symmetric key with each other user. All security comes with a cost. – zaph Oct 27 '14 at 00:56
  • To clarify, I meant that it doesn't scale well if a user tries to share the data with more than one other user (e.g., group chat with five other users) because the user sending the message will need to encrypt it with the public key of each of the other group members and five encrypted copies need to be stored for each message shared in the group. – hashemi Oct 27 '14 at 02:48
  • [Brent Simmons blogged about this and thinks it isn't possible.](http://inessential.com/2014/07/28/setting_expectations_about_cloudkit) – hashemi Oct 27 '14 at 02:56
  • Encrypt the data with a symmetric key once. Share that symmetric key by encrypting it once per user. So, the data is encrypted once with a quick symmetric algorithm like AES and stored. The symmetric key is encrypted once per user with the slow public keys. – zaph Oct 27 '14 at 12:14
  • Got it. So you'd generate the AES key at the start of the group and keep the same key indefinitely, change it only if needed (e.g., if someone leaves the group). Don't know how Apple would feel about that. – hashemi Oct 28 '14 at 15:01
  • Somewhat, I don't know how large your groups are or how dynamic they are, I was envisioning a new AES key for each message. I presume you have read Apple's description of how iMessage encryption works, they are not shy to encrypt for each recipient and use HSMs to control the keys while destroying the keys to the HSMs. – zaph Oct 28 '14 at 15:26
  • Did you ever find an answer or solution? – DogCoffee Mar 20 '16 at 12:46
  • @DogCoffee No, situation hasn't changed. Only solution is in zaph's comment. – hashemi Mar 20 '16 at 12:49

4 Answers

6

At WWDC 2016, Apple introduced CKShare which addresses this use case. As of Jun 13th, 2016, the beta API is public but undocumented. The sharing API is demonstrated in the WWDC 2016 video What's new with CloudKit, starting at 19:57.

hashemi
1

Short answer: YES!

CloudKit Sharing was introduced at WWDC 2016. There is a great overview in the "What's new in CloudKit" session: https://developer.apple.com/videos/play/wwdc2016/226/

BlueCloud
0

Technically yes, you can share private data between two or more users with CloudKit. While the data store is public, this does not mean that each user has access to the entire public store. Your design can control access to portions of the public database within each app instance.

By developing an app that uses the public database with unique identifiers for groups of users, and zones using CKRecordZoneNotification for managing notifications, you should be able to create a reasonably secure solution. You decide what reasonably secure means.

Here's a link to Apple's docs for CKRecordZoneNotification

bitsand
  • We disagree on what's considered reasonably secure. This is basically security by obscurity. Anyone can bypass the app and access the data store directly if they were motivated enough to want the data. – hashemi Nov 26 '14 at 17:49
  • I've not delved into CloudKit's authentication mechanisms so I can't say if this is only SBO. Is it really that trivial that 'anyone' can bypass an app? – bitsand Dec 17 '14 at 22:34
  • It's not as easy as creating zones; Apple doesn't support zones on the public database. – D33pN16h7 May 27 '15 at 21:14
0

Using the public database and encrypting the shared content would work. Might not be too much fun because then you would need to share encryption keys.
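
The scheme zaph describes in the comments on the question (encrypt the data once with AES, then encrypt that AES key once per user), which is also one way to handle the key sharing this answer mentions, as an added example that is not part of the original thread. It is Node.js using only the built-in `crypto` module; the user names and RSA keys are constructed, `makeUser`, `sealForGroup` and `openAs` are hypothetical helper names, and nothing here calls CloudKit.

```javascript
// Added example: envelope encryption for a group record.
// User names and keys are constructed; helper names are hypothetical.
const crypto = require("node:crypto");

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Each user's public key would be published where other members can fetch it;
// the private key never leaves the user's device.
function makeUser(name) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  return { name, publicKey, privateKey };
}

// Encrypt the message once with a fresh AES-256-GCM key, then wrap that key
// once per recipient with RSA-OAEP. The returned object is what gets stored.
function sealForGroup(plaintext, recipients) {
  const key = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  const wrappedKeys = new Map();
  for (const r of recipients) {
    wrappedKeys.set(r.name, crypto.publicEncrypt({ key: r.publicKey, ...OAEP }, key));
  }
  return { iv, ciphertext, tag: cipher.getAuthTag(), wrappedKeys };
}

// Unwrap this user's copy of the AES key and decrypt. Returns null when the
// user has no wrapped key; throws if the ciphertext or tag was modified.
function openAs(record, user) {
  const wrapped = record.wrappedKeys.get(user.name);
  if (!wrapped) return null;
  const key = crypto.privateDecrypt({ key: user.privateKey, ...OAEP }, wrapped);
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, record.iv);
  decipher.setAuthTag(record.tag);
  return Buffer.concat([decipher.update(record.ciphertext), decipher.final()]).toString("utf8");
}

const [alice, bob, carol, mallory] = ["alice", "bob", "carol", "mallory"].map(makeUser);
const record = sealForGroup("draft of section 3 attached", [alice, bob, carol]);
console.log(openAs(record, bob));     // a group member decrypts the message
console.log(openAs(record, mallory)); // a non-member has no wrapped key
console.log(record.wrappedKeys.size, "wrapped keys for 1 stored ciphertext");
```

Because each message gets its own AES key, a member who leaves is simply omitted from the recipient list of later messages; records sealed earlier remain readable to them.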