Protecting the app sandbox

Question

So I am working on a test app that downloads files locally to the app file storage sandbox. Some of these files may be sensitive and need to be protected. My app has a login mechanism, so you wouldn't be able to access the files if you didn't have a login, so my main concern is the ability to sniff the contents (Perhaps on a jailbroken device??).

Now I was wondering if the best method to protecting these files is to encrypt each one independently? Or perhaps there is a way to encrypt the whole sandbox? Or is it encrypted by default? Has anyone ever done anything like this before?

I apologize for the long string of questions, I am trying to gather as much info about this as possible before making a design decision...

Thanks!

Answer 1

You can encrypt the whole sandbox using the OS if you target iPhone 4 with OS 4.x. Even then, iOS has this concept of an 'escrow keychain' which is basically a cache of passwords and can he potentially hacked into. As far as I am aware, Mail is the only app that encrypts everything.

In order to encrypt your application data in this way, you just need to set the appropriate NSFileProtectionKey as documented in NSFileManager. But, as mentioned, this is not entirely secure.

You could try a custom category on the file manager that encrypts files based on your own requirement so that you have encrypted documents. The choice is yours.

Answer 2

You might want to look into the File Protection mechanisms in iOS 4 and later. That provides a way to mark a file as "protected" so it will be stored encrypted on disk at all times, only accessible when the device is unlocked (with a passcode).

See also this question