Core Data Encryption

Problem description

I have a question about Core Data encryption. I'm storing some sensitive user data in a Core Data SQLite database. The critical values are all transformables and I'm using AES256 to encrypt and decrypt them 'on the fly', including an individual IV for every value. The encryption key is the SHA512 hash of the password the user has chosen. This works very well so far.

Now about the user password. When the user launches the app he is asked for his password. The password is being hashed with SHA512 and stored in the iOS keychain. For every write or read operation the NSValueTransformer will get the password from the keychain. If the app is being closed, I delete the password hash from the keychain.

In my Core Data database I have a special entity which has a random number != 0 as its only value. To test if the user has entered the correct password I fetch this entity and read the number. If it is != 0, I know that the password was correct because when the decryption fails the NSValueTransformer always returns 0.

Now my actual questions: Would you consider this a good approach on encryption? How else would you test if the entered password is correct?

I'm a little concerned that storing the password hash in the keychain while the app is running makes everything slower, because the NSValueTransformer has to access the keychain all the time. Would it be sufficiently secure to just keep the password hash in memory, so it'll be deleted when the app closes?

Recommended answer

You shouldn't use the hash of the password; hashes are designed to be fast, so it's (comparatively) easy to do a brute-force attack. Use a key derivation function like PBKDF2.

Don't use a key directly derived from the password as an encryption key. If the user changes the password, you need to reencrypt all data and backups become worthless. Use a randomly generated encryption key that you encrypt with a key encryption key based on the password.

I'm not so sure about storing the hash in the keychain instead of just holding it in memory. The last time I looked into this, it was comparatively easy to decrypt the keychain. And every attacker that can read the memory of your running app will most likely be able to snoop on the keychain access or the decrypted data. Just keep it in memory and make sure to wipe the memory if the app suspends into background etc. This holds obviously also true for every piece of decrypted data.


You generate a random key to encrypt your data, let's call it key A. You could use SecRandomCopyBytes to generate key A, see Apple's CryptoExercise for a usage example. You use key A to encrypt the user data. To save key A, you have to encrypt key A with a second key B. You shouldn't use the password directly as key B, because of fast brute-force or dictionary attacks. So you derive a key from the password with a PBKDF, like in this Stack Overflow answer. You then encrypt key A with key B, e.g. using CCCrypt. You save the encrypted key A and the salt used to derive key B. To decrypt, the user enters the password, you derive key B using the password and the salt. You decrypt key A using the derived key B. Hope that clarifies.
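The key A / key B scheme from the answer, as an added Swift example (not code from the original post): key A is random, key B comes from PBKDF2, and an HMAC tag over the wrapped key doubles as the password check the question asks about. The type and function names, the 600,000 iteration count, the 16-byte salt and the encrypt-then-MAC layout are assumptions of this example.

```swift
import CommonCrypto
import Security

struct WrappedKey { var salt, iv, ciphertext, tag: [UInt8] }  // all fields may be stored on disk

func randomBytes(_ n: Int) -> [UInt8] {
    var b = [UInt8](repeating: 0, count: n)
    precondition(SecRandomCopyBytes(kSecRandomDefault, n, &b) == errSecSuccess)
    return b
}

// Key B: 64 bytes of PBKDF2-HMAC-SHA256; bytes 0..<32 encrypt, 32..<64 authenticate.
// The iteration count is an assumed value; tune it to the target devices.
func deriveKeyB(_ password: String, _ salt: [UInt8], rounds: UInt32 = 600_000) -> [UInt8] {
    var out = [UInt8](repeating: 0, count: 64)
    let rc = CCKeyDerivationPBKDF(CCPBKDFAlgorithm(kCCPBKDF2), password, password.utf8.count, salt, salt.count,
                                  CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA256), rounds, &out, out.count)
    precondition(rc == Int32(kCCSuccess))
    return out
}

// AES-256-CBC without padding; key A is 32 bytes, a whole number of blocks.
func aesCBC(_ op: CCOperation, key: [UInt8], iv: [UInt8], input: [UInt8]) -> [UInt8] {
    var out = [UInt8](repeating: 0, count: input.count + kCCBlockSizeAES128), moved = 0
    let rc = CCCrypt(op, CCAlgorithm(kCCAlgorithmAES), 0, key, key.count,
                     iv, input, input.count, &out, out.count, &moved)
    precondition(rc == Int32(kCCSuccess))
    return Array(out.prefix(moved))
}

func hmac(_ key: [UInt8], _ data: [UInt8]) -> [UInt8] {
    var mac = [UInt8](repeating: 0, count: Int(CC_SHA256_DIGEST_LENGTH))
    CCHmac(CCHmacAlgorithm(kCCHmacAlgSHA256), key, key.count, data, data.count, &mac)
    return mac
}

func wrap(keyA: [UInt8], password: String) -> WrappedKey {
    let salt = randomBytes(16), iv = randomBytes(kCCBlockSizeAES128)
    let b = deriveKeyB(password, salt)
    let ct = aesCBC(CCOperation(kCCEncrypt), key: Array(b[0..<32]), iv: iv, input: keyA)
    return WrappedKey(salt: salt, iv: iv, ciphertext: ct, tag: hmac(Array(b[32...]), iv + ct))
}

// Returns nil when the tag does not verify: wrong password or a modified blob.
func unwrap(_ w: WrappedKey, password: String) -> [UInt8]? {
    let b = deriveKeyB(password, w.salt)
    let expected = hmac(Array(b[32...]), w.iv + w.ciphertext)
    let diff = zip(expected, w.tag).reduce(UInt8(0)) { $0 | ($1.0 ^ $1.1) }  // constant-time compare
    guard expected.count == w.tag.count, diff == 0 else { return nil }
    return aesCBC(CCOperation(kCCDecrypt), key: Array(b[0..<32]), iv: w.iv, input: w.ciphertext)
}
```

Changing the password only requires calling `wrap` again with the same key A; the encrypted Core Data values stay untouched.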
